Posted Apr 1, 2005 7:10 UTC (Fri) by mcatkins
In reply to: Autopackage 1.0
Parent article: Autopackage 1.0
Thinking about it some more, you are probably right. I was thinking
that at least the package integrity, etc was checked before getting
to that point. But you're right - this doesn't really give you much.
I would maintain, however, that we shouldn't be encouraging people
to get into the habit of download+run (without putting on thinking hat).
Download+feed_to_some_program at least leaves open the possibility
that some checks occur, or could be added in the future, and thus is
a better habit to encourage - IMHO.
There is no replacement for "trusting" (to some extent) the source
of your packages!
My other comments still stand....
to post comments)