[go: up one dir, main page]

|
|
Log in / Subscribe / Register

Rant

Rant

Posted Nov 8, 2018 18:42 UTC (Thu) by Cyberax (✭ supporter ✭, #52523)
In reply to: Rant by jccleaver
Parent article: Limiting the power of package installation in Debian

So how is "curl | sudo" different from adding a repository and doing "apt-get install"?


to post comments

Rant

Posted Nov 8, 2018 20:36 UTC (Thu) by rweikusat2 (subscriber, #117920) [Link] (1 responses)

This depends on how much the person who created the repository hates you and wants to hurt you. For the most general case, the package you're installing could just contain a script running curl | sudo as root.

Assuming an attempt was made to create sensible packages, one will have the usual benefits of using managed packages, eg, query which packages were installed, which files belong to which packages, update or remove installed packages easily, doing OS updates without "clean reinstalls" etc.

I've extensivley done both in the past and in my opinion, packages are a lot less of a hassle to deal with. YMMV. But it's worth a try.

Rant

Posted Nov 9, 2018 6:27 UTC (Fri) by flussence (guest, #85566) [Link]

>This depends on how much the person who created the repository hates you and wants to hurt you.

In practice it's usually repositories run by billionaire corporations like Microsoft, Google and Valve that are the most likely to hurt you. Repositories where it's an actual person's neck on the line usually have some semblance of QA.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds