On 02/19/2011 08:38 PM, Alf Gaida wrote:
Maybe i have should use a <ironic> tag. Nothing is secure in the end, if anyone will do harm, he'll find a security hole. Like this: http://www.webhostingtalk.com/showthread.php?t=717240
Exactly, because we cannot reach perfect security, we should not care about it at all!
I agree fully with Allan. For me it makes not a big difference if a package is signed or not. It's a nice to have feature and i would be glad if someone would implement it. But for me it has a very low priority..
It makes a big difference if your system is compromised. And then you will care about it. I don't understand this naive and short-sighted opinion. @Allan: I am a bit disappointed with your opinion that you want to implement only features that you care about. I think there is also a reponsibility if you are one of the main developers of the package manager of a popular distribution. And you don't even have to implement the features yourself - there are people who are willing to help. But those people should also get some support by you. Daniel