Originally posted by wizard69
View Post
Announcement
Collapse
No announcement yet.
Fedora Might Start Dropping Packages With Consistently Bad Security Records
Collapse
X
-
-
Originally posted by wizard69 View PostThe key here is the lack of maintenance. If an app is no longer supported in a timely manner it is a security risk.
Leave a comment:
-
Originally posted by cen1 View PostHow about you let me install whatever I want and as much as I want? Fedora needs more packages, not less.
Leave a comment:
-
in my mind im thinking what took so long! This is somethinh i expect fro a distro
Originally posted by duby229 View PostOh good, how soon do they plan to remove Gnome Shell then? Or xorg? Or mono? Or -every- web browser?
EDIT: The point I'm making is that they just made a blanket statement that they cannot possibly achieve,
or else they would not have functional repository.
There seems to be some negativity here in this thread but frankly this is what i expect out of a distro and that is at least some attention to security. By the say this doesnt stop anybody from installing dodgy code themselves. It does make you responsible for security breached and questionable code.
In the end we might lose a handful of apps which is a small price to pay to get decent auditting.
- Likes 1
Leave a comment:
-
Originally posted by cybertraveler View PostI think it would be better for their users to keep the vulnerable packages, but...
- Likes 3
Leave a comment:
-
I think it would be better for their users to keep the vulnerable packages, but inform the users of current and historical vulnerabilities. This means the user still has the choice.
Their software centre program could provide this information.
For command line packages they could encode an extra field in the package labelled something like 'vulnerable'. If it is true, it would require the user to interactively confirm installation (having seen a warning) or non-interactively pass in a switch like '--allow-vulnerable-packages'.
- Likes 3
Leave a comment:
-
Originally posted by RahulSundaram View PostThat doesn't make much sense. You cannot read every proposal made to the project as a statement by the project. Anyone is allowed to file a ticket with a proposal at any time.
- Likes 1
Leave a comment:
-
Originally posted by duby229 View PostOh good, how soon do they plan to remove Gnome Shell then? Or xorg? Or mono? Or -every- web browser?
EDIT: The point I'm making is that they just made a blanket statement that they cannot possibly achieve, or else they would not have functional repository.
- Likes 1
Leave a comment:
-
Originally posted by duby229 View PostOr -every- web browser?
- Likes 2
Leave a comment:
-
How about you let me install whatever I want and as much as I want? Fedora needs more packages, not less.
- Likes 4
Leave a comment:
Leave a comment: