Fedora board vote and way forward
Bruno Wolff III
bruno at wolff.to
Fri Jan 24 17:50:32 UTC 2014
On Fri, Jan 24, 2014 at 19:21:23 +0200,
Elad Alfassa <elad at fedoraproject.org> wrote:
>Adam, the problem is that it's extremely un-intuative for a user when it's
>"download a pacakge with the .repo in it you found on a random search on
>google, and THEN use Software to search for the app you wanted to install".
>People unfamiliar with the underlying architecture will not understand that
>easily. If we could make it so that a package could both install a
>repository file AND software from that repository (also known as "one click
>install") that would solve that problem, but will still introduce a problem
>of security, because it will encourage users to download random software
>from the web, essentially invalidating all the security benefits of a
>package management system.
Downloading commercial software is a security problem in the first place.
I wouldn't expect downloading random software to be much worse. I suppose
that would depend on the space you are selecting from, but for at least
some ways about hearing about software, I would expect the commercial
stuff to be much more likely to have anti-user features and bundled libraries
with known security problems than some small open source project.
More information about the desktop
mailing list