On Wednesday 31 October 2007 22:28:57 wrote Aniruddha:
I wonder what are the security policies for openSUSE? What are the chances for malicious software (rootkits, trojans) being offered through the build service?
What is the procedure for security holes and/or exploits in software offered in the openSUSE build repositories? I get the feeling openSUSE is becoming just as insecure as Windows hence the warning you get when adding repo's with 1-click install (see attachment). Or am I mistaken? Any info would be appreciated!
The 1-click install still asks for the root passwort, so it is as unsecure as installing rpms manually. It just helps the user to do it more easily.
The "unsecure Windows" did not ask for extra permissions in the old days. But they improved also a bit more meanwhile.