Usage of apturl in the documentation
Matthew East
mdke at ubuntu.com
Fri Sep 26 23:36:07 UTC 2008
On Fri, Sep 26, 2008 at 6:49 PM, Dougie Richardson
<ddrichardson at btinternet.com> wrote:
> "A possible attack vector would be to trick users to install a application with a known vulnerability or to install applications that open a port."
Well, if we are getting that paranoid, it's possible to trick many
users into installing applications without apt-url, as well. I don't
know of any reported incidents of that type for our wiki though.
And if the Ubuntu development team was happy to enable apt-url in
firefox and gnome so that the protocol works on any site where the
administration chooses to use it, (and it's clear from the spec that
this risk was considered already) then it just doesn't make sense to
me to avoid using on the Ubuntu help wiki. I don't think as a team we
are well equipped to reconsider an issue already considered by the
development team.
--
Matthew East
http://www.mdke.org
gnupg pub 1024D/0E6B06FF
More information about the ubuntu-doc
mailing list