Benjamin Reed: Please ignore this message. Agreed, the Panther release
is more important, and this is not a request for user-mode fink
immediately. Just a parallel discussion among people who are interested.
Fair enough?
--- Chris Dolan <[EMAIL PROTECTED]> wrote:
> I have not yet heard anyone mention the best reason for user-mode fink:
> trust problems. Do you really want to be running a ton of shell scripts
> and makefiles as root? Not me. I'd rather compile and build .debs as a
> regular user and only do the final install step as root.
I don't think this holds water. If you don't trust the people writing the
scripts, what's to stop them from patching the software to do something
malicious while it's building (as a regular user) and then doing nasty
stuff after the software is installed as root?
--- John Davidorff Pell <[EMAIL PROTECTED]> wrote :
> While I agree with most of what you say, I feel that it is important to
> look at any structural changes to fink that could be done now to take
> advantage of the upcoming release.
I have to agree with Mr. Reed on this one. Enough things will need
debugging with the new release...
--- John Davidorff Pell <[EMAIL PROTECTED]> wrote :
> I've already started using my user-mode fink mod for my own stuff so I
> hope to have useful insight when the core developers are willing to
> listen.
You seem to have missed my earlier message on the topic, so let me
reiterate: it's not clear to me what problem your modification solves.
As far as I've seen, there are three possibilities:
1) Allow people who don't have root access to use fink to install
"personal" software -- Nope, having a fink user doesn't help because
regular users won't be able to switch to/create the user.
2) Allow package maintainers to debug .info files in a "sandbox" so they
don't trash their /sw trees. -- Nope, if all fink packages are owned by a
fink user, then package maintainers can still trash their /sw trees.
3) Prevent malicious fink scripts/open source software from doing damage
on your machine. -- Actually, yes, your patch helps with this as
long as fink _never_ requires root for anything. If this is the
case, then after you create the fink user, software installed through fink
will only be able to harm other fink software. This is probably a step in
the right direction,
-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
SourceForge.net hosts over 70,000 Open Source Projects.
See the people who have HELPED US provide better services:
Click here: http://sourceforge.net/supporters.php
_______________________________________________
Fink-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/fink-devel
