[Gllug] Linux Conf GUI
tet at accucard.com
tet at accucard.com
Thu Jul 19 13:59:59 UTC 2001
>How is that different from downloading random .debs from the internet, and
>installing them?
1. I don't.
2. If they're from a reputable source, then at least they should be
signed, so you can check their authenticity. At least, you can with
RPM, and given how much Debian types rant about .deb's supposed
superiority, I'm assuming the same applies.
>> If anyone ever hijacks the go-gome.com domain, you're in a whole world
>> of hurt...
>
>Same for ftp.debian.org, ftp.apache.org, ftp.linux*.*, ftp.gnu.org.
True, but at least there, you're (usually) not downloading something
and piping it straight into a root shell. Yes, .deb/RPMs count, but
like I said, they should be signed, and the installation procedure
should check this.
Tet
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list