[packagekit] 1-click; Third party vendors; etc.
Patryk Zawadzki
patrys at pld-linux.org
Mon Jun 2 11:04:49 PDT 2008
On Mon, Jun 2, 2008 at 7:22 PM, Klaus Kaempf <kkaempf at suse.de> wrote:
> Please explain how this is different from the usual 'rpm for
> distribution XYZ -> download here' links posted on project websites.
It's just as bad.
> Users click there, download and install it. Installation is done as
> root and the package can run all sorts of bad things in it %post
> section.
> The only difference I can see is that between download and install,
> you can inspect the package binary and look at the scripts within. Do
> people do this ?
Do people download and install random rpm packages? Probably yes.
Should they? I think not.
--
Patryk Zawadzki
PLD Linux Distribution
More information about the PackageKit
mailing list