Comments on: Lets Let APT-URL Install Repositories

By: Exciting Stuff in the Debian (and Ubuntu) and Apache Pipelines at Docunext Technology

Sat, 19 Apr 2008 15:57:29 +0000

[...] - check this out too: http://www.earobinson.org/2008/03/06/lets-let-apt-url-install-epositories/ - might be cool to pair that with dpkg-www for some interesting web-based management and [...]

By: Jadd

Jadd — Mon, 31 Mar 2008 10:35:36 +0000

No! Newbies do not need this feature, it’s far too dangerous to let them do it, (security-wise and support-wise), intermediate users can already do it through a automatically installed GUI and through the command line.

By: Jakob Petsovits

Jakob Petsovits — Mon, 10 Mar 2008 09:06:26 +0000

“wiki.earobinson.org is trying to add a repository if this is a trusted website please click yes otherwise click no”

I think we need to get rid of the yes/no dialog mentality. Annoying nitpicking, I know, but “yes” should have been “Install” and “no” should have been “Don’t install”. No idea about the security thing, though

By: Dedalus

Dedalus — Sat, 08 Mar 2008 17:51:47 +0000

Okay, so it looks like aptPLUShttp has been disabled for security concerns, but I am sure that it used to work!

By: asdfsadf

asdfsadf — Fri, 07 Mar 2008 15:39:46 +0000

HELLLLL no.

Ubuntu should not be as stupid as windows. “A warning” really means: a screen ‘everyone’ will blindly click ok on. It won’t actually do anything productive.

If we do add this ability, I hope *you* personally plan on providing support to every single person who is bitten by this, including helping them recreate whatever data they’ve lost due to maliciousness. Oh, and you may have to untarnish the reputation of Linux as more secure than windows as well.

Good luck with that.

By: Chad

Chad — Fri, 07 Mar 2008 15:29:45 +0000

I’d like to see this capability reenabled if the security concerns can be resolved. It would definitely make life easier and I’d like to add the ability to Linux App Finder. I already have the code in place.

Chad
http://linuxappfinder.com

By: Sebastian Heinlein

Sebastian Heinlein — Fri, 07 Mar 2008 15:08:17 +0000

PLease take a look at this spec:

https://wiki.ubuntu.com/ThirdPartyApt

This has already been discussed.

By: Cristiano

Cristiano — Fri, 07 Mar 2008 11:51:39 +0000

I don’t think it’s a good idea from security’s POV.

By: antistress

antistress — Fri, 07 Mar 2008 11:27:27 +0000

See idea #2629: apturl in Evince with PDF files
http://brainstorm.ubuntu.com/idea/2629/

By: jimcooncat

jimcooncat — Fri, 07 Mar 2008 11:12:06 +0000

If I recall correctly, a well-crafted .deb can install a repository. So once you’ve added one repository the old-fashioned way, that repository can hold .debs to install others.

So it seems simple you could have one master repository, that would hold other “trusted” repositories. Even though the first one isn’t “free for the taking”, it would alleviate a lot of concern about security.