On Tue, Sep 09, 2008 at 11:11:45PM +0100, Ben Hutchings wrote: > It's not arbitrary. As it stands, this package is a security hole > just waiting to be exploited if it gets released.
I take it "gdebi" (or whatever it's called) is also a security hole then? It installs untrusted data when the user has approved it! You can even visit a website, click on a .deb file, and upon your confirmation untrusted code is executed with root perms. Clearly we should do something to prevent that. Also, lots of websites strongly encourage you to install Adobe Flash. They point you to a website, giving you an unsigned binary, and upon your approval your system ends up executing it. Clearly we should do something to prevent that. Fix your double standards. -- Robert Millan The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and how) you may access your data; but nobody's threatening your freedom: we still allow you to remove your data and not access it at all." -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
