On Thursday 01 November 2007 09:01:27 wrote Aniruddha: ...
"Something" must be *terribly* wrong somewhere as no "problems" I am aware have been made public.
That is no argument. Right now apparently openSUSE has a big gaping security hole which can be exploited in the future. And who should make us aware of "problems" when none checks the repos' anyways?
Not more or less than installing the software from somewhere else ...
But I agree that this could be way more transparent, we did plan to create a "trust" portal from the beginning, it is just work to do so.
As long as we want to have lots of software and always the latest version, the user needs to decide if he trust it. But we can help him here.
I understand your concern, you have NO trust of anyone. I believe there is a word for that, but....
Trust is no replacement of good security policies.
Well, a policy helps you nothing, if you do not trust the people. They can ignore it easily.