Re: [gentoo-project] [RFC] New project: GURU [Gentoo User Repository, Unreviewed]
Sun, 03 Feb 2019 22:37:55
On 2/3/19 2:28 PM, Michał Górny wrote:
> What do you think?
I'd like to give two conflicting answers, and maybe answer Kristian's
question as well.

Every day we hear about some ridiculous security problem with the other
repositories of this type (Google's Play store, the NPM repository,
etc.). These are all an embarrassment to the organizations that run them
because the fact that their names are attached to the repository is an
implicit endorsement of its content.

Putting the "Gentoo" name on this is a bad idea. No matter how you dress
it up, this repository will be a collection of dangerous code uploaded
by complete strangers that our users will download and run as root. That
fact is not obvious to everyone, and we do a disservice to them by
hand-waving away the reality of the matter.

Despite how stupid it is, people do this already. The only difference
is, right now they download untrusted code from a hundred different
strangers in ten different overlays to accomplish the same thing.
Putting these ebuilds all in one "official" overlay would prevent people
from duplicating effort, and provide a central place for junk ebuilds to
mature without the developer bottleneck getting in the way. Perhaps it
will even spur collaboration, and encourage people to read the devmanual
because those skills can immediately be put to use.

For a long time, I've wanted a third level of stability:

  c) I'm an idiot, break my system

Having the third option lets you get things out the door and into the
hands of users who are able to test them (after acknowledging the risks)
much faster. I guess this repository fills a similar void.

But, we need some sort of oversight or keyword control. Otherwise, if
everything is ~arch, some asshole is going to create a new account every
day and submit a hacked -r28976 of something in @system that will
immediately be installed on everyone's machines. Maybe this motivates
adding stability level (c) after all, for the user repo? And then it
would be available to developers as well. Food for thought.
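As an added example (not from the thread or the GURU project), a small Python check for the scenario described in the last paragraph: given the ebuilds in an overlay and the highest version of each package in the main tree, it flags overlay ebuilds that would out-version the main tree, and marks which of those are @system packages and which are keyworded ~arch. The package names, versions and the simplified version comparison (no _alpha/_p style suffixes) are assumptions.

```python
import re

# Constructed sample input (hypothetical names and versions).
SYSTEM_SET = {"sys-apps/coreutils", "sys-libs/glibc"}

MAIN_TREE = {  # highest version per package in the main tree
    "sys-apps/coreutils": "8.30-r1",
    "sys-libs/glibc": "2.28-r6",
    "app-misc/hello": "2.10",
}

OVERLAY = [  # (ebuild path relative to overlay root, KEYWORDS value)
    ("sys-apps/coreutils/coreutils-8.30-r28976.ebuild", "~amd64 ~x86"),
    ("app-misc/hello/hello-2.11.ebuild", "~amd64"),
    ("sys-libs/glibc/glibc-2.28-r6.ebuild", ""),
    ("app-misc/newtool/newtool-0.1.ebuild", "~amd64"),
]

# cat/pkg/pkg-<version>[-r<rev>].ebuild; version = dotted digits + optional letter.
# Simplification: PMS suffixes such as _alpha/_beta/_p are not handled.
_EBUILD_RE = re.compile(
    r"^(?P<cat>[^/]+)/(?P<pn>[^/]+)/(?P=pn)-(?P<ver>\d+(?:\.\d+)*[a-z]?)(?:-r(?P<rev>\d+))?\.ebuild$")
_VER_RE = re.compile(r"^(\d+(?:\.\d+)*)([a-z]?)(?:-r(\d+))?$")


def version_key(version):
    """Sortable key for a (simplified) Gentoo version string like '8.30-r1'."""
    m = _VER_RE.match(version)
    if not m:
        raise ValueError(f"unsupported version: {version}")
    nums, letter, rev = m.groups()
    return (tuple(int(n) for n in nums.split(".")), letter, int(rev or 0))


def parse_ebuild(path):
    """Return (category/package, version string) for an ebuild path."""
    m = _EBUILD_RE.match(path)
    if not m:
        raise ValueError(f"not an ebuild path: {path}")
    return f"{m['cat']}/{m['pn']}", m["ver"] + (f"-r{m['rev']}" if m["rev"] else "")


def shadowing_ebuilds(overlay, main_tree, system_set):
    """Overlay ebuilds strictly newer than the main tree's copy of the same
    package: with matching ACCEPT_KEYWORDS these win dependency resolution
    regardless of repo priority, so @system hits with ~arch deserve a look."""
    hits = []
    for path, keywords in overlay:
        pkg, ver = parse_ebuild(path)
        base = main_tree.get(pkg)
        if base is None or version_key(ver) <= version_key(base):
            continue
        hits.append({"package": pkg, "overlay": ver, "main": base,
                     "system": pkg in system_set,
                     "testing": any(k.startswith("~") for k in keywords.split())})
    return sorted(hits, key=lambda h: (not h["system"], h["package"]))
```

Packages absent from the main tree (here newtool) and equal-version duplicates (glibc) are not reported; the latter are decided by repo priority rather than version.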