Adam McKenna wrote: > > On Mon, Sep 10, 2001 at 09:24:42PM -0600, Neil Glenn wrote: > > I thought I had built up a nice sources.list over the months. > > I'm pretty confused at what you mean by "nice" sources.list. > > You are aware that every entry in sources.list gives someone else > root access to your computer, right? > > This cavalier attitude ... > > --Adam > Adam McKenna <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
Sorry to confuse you Adam. "Nice" means that I had gone to some trouble to locate some things that were difficult to find or not well documented. These included "official" sites for (non-us) crypto packages, security updates and others. It probably took a day to get KDE2 installed and working because I needed the non-us crypto packages. I presume you do not really mean I am giving root access to another individual. Rather, I think the risk is, that I (not someone else) might install a package of questionable origin. I do not install "everything" but try to research what I need. Having said that I would not hesitate to use apt (or dselect, apt method) to retrieve and install a desired package from a "non-debian" site that I trust. Further, there is nothing to prevent a maintainer from giving me "dangerous" bits in official code. This could be an innocent mistake or deliberate action. We must try to be responsible for our own actions (and it is good to support one another). Having answered your expert criticisms, I would ask if you have any expert advice that may help me out of my current dilema?
