Re: [wsjt-devel] WSJT-X and KVASD and License Conformance

Wed, 12 Nov 2014 20:21:50 -0800 

Hi Bill,

I am answering below.

73,
Yan.
---
Yannick DEVOS - XV4Y
http://www.qscope.org/
http://xv4y.radioclub.asia/

Le 13 nov. 2014 à 07:37, Bill Somerville <g4...@classdesign.com> a écrit :

> On 12/11/2014 23:51, Yannick DEVOS (XV4Y) wrote:
>> Hi Bill,
> Hi Yan,
>> 
>> I am not a specialist about this questions, but this is my comment.
>> What you could do on OS X is at first run check if the KVASD is present (and 
>> updated) and if not download it and install it (with the EULA dialog, etc).
>> The ClamXAV antivirus does this for its internal engine which is developed 
>> by a different team than the GUI itself.
> I did consider such a solution for all platforms although it is probable 
> that the application doesn't have permission to write the KVASD 
> executable to the required location. The main reason that I didn't take 
> this route and instead linked the KVASD install to the WSJT-X installer 
> (more or less directly) is that it isolates the code that requires 
> elevated permissions to the installer context.
ClamXAV for instance ask the administrator password, but it might be because 
the antivirus engine has to work at system level...
> 
> In general I think it is a potential major security violation for any 
> application to download executable content from the Internet and such 
> ability should not be granted to a user level application.
I quite agree with you from a general principle, however many applications like 
FireFox or Google Chrome do their updates this way.
I don't tell you to silently do it like Chrome does it, because I find it very 
annoying.
However, informing the user, and providing him a way to download the package in 
one click and install it with just a further drag-&-drop seems responsible to 
me.

If I were to do it for a software I wrote, that's the way I would do it, but 
that does not mean that's the way you have to do it...
>> 
>> 73,
>> Yan - XV4Y.
>> ---
>> http://www.qscope.org/
> 73
> Bill
> G4WJS.


------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk
_______________________________________________
wsjt-devel mailing list
wsjt-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wsjt-devel

Reply via email to