http://brainstorm.ubuntu.com/item/12753/
The success of getdeb.net and the launchpad PPA's show a demand for third party software. Installing a Ubuntu package via gdebi is easy and used frequently.

Even when installed from a trustworthy source, installation of single DEB-packages cause a security risk due to a lack of updates. IF the user decides to install third-party software, it seems just consistent to offer him a comparable easy way of adding a repository. This way, his software will get updated and he will decrease the risk of possible security holes due to outdated software.


]]> en-us Tue, 02 Sep 2008 23:07:14 +0000 Wed, 22 Oct 2008 17:41:42 +0000 QAPoll module http://brainstorm.ubuntu.com/idea/12753/ Wed, 03 Sep 2008 07:00:28 +0000 Wed, 03 Sep 2008 10:15:37 +0000 Adding repository suck for ordinary user
better open again]]> Wed, 03 Sep 2008 12:44:27 +0000 Wed, 03 Sep 2008 13:14:04 +0000 Wed, 03 Sep 2008 17:31:51 +0000
]]> Thu, 04 Sep 2008 03:33:51 +0000
There is NOTHING new to be done, as far as I see it. It's all possible right now just by making a package (we have GDebi to make package installation painless, although I don't know if it's assigned to downloaded Debian packages by default since I don't use Firefox)]]> Thu, 04 Sep 2008 04:55:56 +0000 Fri, 05 Sep 2008 08:58:02 +0000 Fri, 05 Sep 2008 14:36:25 +0000 Fri, 05 Sep 2008 19:30:02 +0000 Sat, 06 Sep 2008 00:45:55 +0000
The idea of a few clicks between anywhere on the internet to root should have some serious boundaries. system -> administration -> Software sources -> Third party, copy paste, reload. VERY easy, and not scriptable. Requires easy, but DELIBERATE on part of an administrator.

Haven't we learned our lesson with dangerous one click actions with warning dialogs?? Or are we just going to add CAPTCHAS on all the warning dialogs to make people read them. Uggh! ]]> Thu, 16 Oct 2008 18:02:07 +0000
Placing arbitrary limits on what "should" or "should not" be the case is a broken way of thinking. The fact is that everything proposed in this idea is completely do-able right now, on every Ubuntu, Debian and Debian-derived system in the world. It probably applies to every RPM system too, but I only ever used RPM through Apt4RPM. Saying it 'should not' be do-able because nefarious people could cause harm is wrong, since those wishing to do harm are clued-up enough to do it already. Those who don't already know how to do it are the "average users" who would benefit from this stuff.

However, that's a generic argument. As for this idea, it is completely redundant as I've already stated that it's all possible already.]]> Thu, 16 Oct 2008 20:56:24 +0000
Should apturl be able to modify sources.list if Synaptic is already open?

Wouldn't the most logical functionality be that Synaptic would have to be closed before apturl could do anything? (I'm envisioning what would happen if, say, Synaptic is open, and the user tries to open Add/Remove. Synaptic already has "control" of APT, and has to be closed before Add/Remove can have it.

That way, apturl would require explicit entry of SUDO password - preventing a malicious web site from adding a malicious repo.]]> Wed, 22 Oct 2008 17:41:42 +0000