No, it's fine. APT does automatic verification of signatures. We can publish the key over HTTPS, or to a keyserver. It also lets you configure automatic updates.
X On 01/08/10 15:40, Romain Dalmaso wrote: > This is risky. Unlike updating over the freenet network, it's not > secure at all and it's not automatic. > > On Sun, Aug 1, 2010 at 12:50 PM, Ximin Luo<infinity0 at gmx.com> wrote: >> On 31/07/10 18:32, Matthew Toseland wrote: >>> >>> The fundamental, irresolvable problem with worrying about the FHS is that >>> we >>> need to be able to update our own executable code. Hence Freenet is >>> installed under a single user, binaries, logs, and everything else. This >>> is >>> true now by accident or design on unix, and it will be true on Windows >>> very >>> soon as well because of nasty installer issues with trying to make it a >>> service. >>> >> >> I can go set up a freenet APT repository, it's really simple and requires no >> extra daemon, just static HTTP files. (After we get this directory structure >> sorted out and some build-deb scripts, of course.) That will take care of >> the auto-update issue on Debian and Ubuntu. >> >> X >> _______________________________________________ >> Devl mailing list >> Devl at freenetproject.org >> http://freenetproject.org/cgi-bin/mailman/listinfo/devl >> > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://freenetproject.org/cgi-bin/mailman/listinfo/devl
