Announcement: One Click Installer
Sebastian Heinlein
glatzor at ubuntu.com
Tue Aug 7 15:30:21 BST 2007
Am Dienstag, den 07.08.2007, 01:04 +0200 schrieb Krzysztof Lichota:
> Chris Wagner napisał(a):
> > Every time someone comes up with a new, more-intuitive way to install
> > software on Linux, there seems to be more negative comments about it
> > than positive. I recall similar comments when Gdebi was proposed, but
> > it seems to have gone over okay.
> >
> > I only see one major flaw in Krzysztof's model: security. (Am I wrong?
> > Are there other serious problems?) Unfortunately, that's arguably the
> > most important issue. Rather than shrug off this solution, though, why
> > not come up with a mechanism for making it (at least somewhat) secure?
>
> I completely agree the security is important.
even a signed software can do a lot of harm to your system. installing
software from the internet blindly is perhaps the cause for most
unstable windows systems.
if a package would be signed by the ubuntu developers it should be part
of the distribution.
if you require to only install signed packages only you would at least
make sure that the package creator has got some basic skills.
furthermore it could be nice to make use of the gnupg web of trust here.
you could calculate a trust level from the number and kind of
signatures.
what are your plans about an translation infrastructure for the oci
files? if you don't find any translators you won't get any translations
- the current problem of ddtp.
you mentioned tucows and a central wiki page many times. any plans on
this? the idea was discussed several times in the past, but it was never
implemented in the official ubuntu frame work. perhaps an error, since
now we seem to get a lot of separated sites with no central quality
assurance.
cheers,
sebastian
More information about the ubuntu-devel
mailing list