I believe that the user should be able to add repositories with Apturl. It's better behavior because it makes the system easier to use. It does make sense to provide a warning (something like "Warning: This enables obtaining software from a 3rd party, it may be unsafe! Do you want to continue?" maybe) since there is a security risk if the user isn't careful.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gdebi in Ubuntu. https://bugs.launchpad.net/bugs/139227 Title: Make gdebi harder to use (was: Disable support for adding repositories) Status in apturl package in Ubuntu: Fix Released Status in gdebi package in Ubuntu: Won't Fix Bug description: Binary package hint: apturl I think the ability to add repositories to the apt sources should not be enabled/included by default. This is potentially a huge security risk. E.g. a user can be easily seduced to enable some repository to install the newest coolest most beautiful screensaver from it, but later a package is added to that repository with malicious code that replaces one of the ubuntu packages on the system. Apturl provides some great functionality, but it should encourage people to install software from the official repositories, not make it supereasy to enable all kinds of untrusted third party repositories. Wether you agree with this or not, I think it would be good to at least discuss this on ubuntu-devel before enabling this feature. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apturl/+bug/139227/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
