| 1 |
What about moving all of these binary-only packages in an official overlay |
| 2 |
(made for the scope) or in GURU? |
| 3 |
|
| 4 |
Il Gio 2 Apr 2020, 02:48 Rich Freeman <rich0@g.o> ha scritto: |
| 5 |
|
| 6 |
> On Wed, Apr 1, 2020 at 8:18 PM Alessandro Barbieri |
| 7 |
> <lssndrbarbieri@×××××.com> wrote: |
| 8 |
> > |
| 9 |
> > I have concerns about the inclusion of zoom in ::gentoo. For me it's |
| 10 |
> more like a malware. |
| 11 |
> > From the hacker news feed you'll find out that: |
| 12 |
> |
| 13 |
> I guess we could stick an einfo in the post-install messages, but if |
| 14 |
> you're joining a zoom meeting are you going to be any more secure if |
| 15 |
> you manually install the files instead? I can't imagine that people |
| 16 |
> are going to stop attending meetings just because they picked the |
| 17 |
> wrong software to host them. Plus a few of those concerns apply to |
| 18 |
> MANY packages - such as a lack of end-to-end encryption, or ever |
| 19 |
> having had a zero day. |
| 20 |
> |
| 21 |
> I'm not intending to endorse Zoom here, but Gentoo isn't really |
| 22 |
> intended as a purist distro that will never include a package if it is |
| 23 |
> associated with a service that might collect user data and so on. In |
| 24 |
> fact, we have many packages with these associations. Ultimately users |
| 25 |
> can decide what they want to run, and we're just providing the files |
| 26 |
> in the most convenient and secure manner possible. For example, when |
| 27 |
> the zero day is fixed if you're using Gentoo you'll benefit from our |
| 28 |
> security policy, while you would not if you had just manually |
| 29 |
> installed some files/etc... |
| 30 |
> |
| 31 |
> -- |
| 32 |
> Rich |
| 33 |
> |
| 34 |
> |
Archives