1 |
On Wed, 2007-20-06 at 18:28 -0400, Mike Frysinger wrote: |
2 |
> On Wednesday 20 June 2007, Olivier Crête wrote: |
3 |
> > On Wed, 2007-20-06 at 17:19 -0400, Mike Frysinger wrote: |
4 |
> > > the use of the binpkg is not an issue, it's the creation ... people |
5 |
> > > blindly creating tbz2's which could contain their sensitive files and |
6 |
> > > posting them |
7 |
> > > |
8 |
> > > i'll just go ahead with the feedback from Olivier and have quickpkg skip |
9 |
> > > CONFIG_PROTECT by default |
10 |
> > |
11 |
> > This will by default create potentially broken packages (since many just |
12 |
> > wont work without their CONFIG_PROTECTed files). That's why I suggested |
13 |
> > a big fat warning and accepting that we can't protect users against |
14 |
> > themselves or against social engineering (aka their own stupidity). |
15 |
> |
16 |
> i think this would only be an issue where quickpkg is being run |
17 |
> non-interactively and the output not being reviewed (which i also dont think |
18 |
> is a common scenario for quickpkg) ... the new output of quickpkg will be |
19 |
> explicit in what it is (or isnt) doing so there wont be any issue of "drive |
20 |
> by" social engineering |
21 |
|
22 |
Well, I often use quickpkg when I want to try a new version of a package |
23 |
(I quickpkg the currently installed one.. and I want to keep all the |
24 |
config files). Then I emerge the new one, and I absolutely want to be |
25 |
able to restore the config files if I want to revert to an older |
26 |
version, either because they have been broken by the pkg_postinst or |
27 |
something else. I still haven't heard a good reason to change anything |
28 |
thats not the printing in quickpkg. |
29 |
|
30 |
> as for dubbing people who are successfully socially engineered "stupid", i |
31 |
> dont really think that's appropriate ... consider noobs on irc in #gentoo who |
32 |
> just want to help and havent learned their way around yet. are they stupid |
33 |
> (well they might be, but lets give them the benefit of the doubt) ? i'd |
34 |
> liken the situation to a kid growing up ... kids arent stupid, they lack |
35 |
> experience and calling them stupid isnt constructive |
36 |
|
37 |
I'm not calling anyone stupid... but I'm talking of our inner stupidity |
38 |
(which we all have)... |
39 |
|
40 |
-- |
41 |
Olivier Crête |
42 |
tester@g.o |
43 |
Gentoo Developer |