On Thu, Aug 21, 2003 at 03:33:50PM -0400, Matt Zimmerman wrote:
> On Thu, Aug 21, 2003 at 01:51:32PM -0400, Colin Walters wrote:
> >
> > I'd get pretty annoyed at being prompted every time to ignore unsecured
> > sources. And if we add an option to ignore unsecured sources, then people
> > will just use that, and that kind of makes the whole thing pointless.
>
> I would say that by default, it should go ahead and use the unsecured
> sources, but display a warning to the user.
<...>
> If a user asks to install (or upgrade!) a package, and the selected version
> is coming from an insecure source, I think apt should warn loudly about
> this, and ask for confirmation.

And add an option (defaulting to false I suppose given the earlier
conversation) to actually bail out instead of asking? Thinking about
semi-automated update scripts here - which may want to _not_ upgrade
instead of forcing upgrades when something strange happens.

> > This company also has scripts to automatically upgrade all the machines on
> > their intranet. They don't want to have any user interaction, so
> > prompting is out.
>
> A force option could be provided, but I think it would be better to make it
> a no-brainer for a source to be secured.

Actually, wouldn't a force (install) option be a bad idea even in the
above situation? If someone messes with that company's internet
connection and redirects *.debian.org to his own, unsigned archive, the
force install options would have their scripts happily ignore the lack
of a key.

Regards,

Filip

--
Evil Overlord Quote of the Day:
150. I will provide funding and research to develop tactical and
strategic weapons covering a full range of needs so my choices are not
limited to "hand to hand combat with swords" and "blow up the planet".

