Hi, Eberhard Moenkeberg schrieb:
If you will give me an rsync access to your repository, I would like to mirror your repositories at
ftp://ftp.gwdg.de/pub/linux/misc/suser-vfernand/ http://ftp.gwdg.de/pub/linux/misc/suser-vfernand/ rsync://ftp.gwdg.de/pub/linux/misc/suser-vfernand/
and include them into the apt repositories at ftp.gwdg.de.
I have a question... maybe it's not worth to discuss... but I'm concerned with this for a while now. First of all: I have no problems with Victor becoming an suser or so. I'm using the repositorys of the susers, too. And i like it, that there are a lot of packages you can't get elsewhere. I have just a Problem with the concept of the suser-trees. As some susers, I've talked to, told me, it wasn't necessary for them, to disclose their identity or so. They had not to tell you (or another admin, i don't know...) their real name, nor a copy of the identification card or something like that... the rpms are only gpg-signed, so that it is sure, that someone called suser-xy has built the packages. I see the problem, that it could be possible, to someone wanting to damage the SUSE community, to build packages with scripts who do rm -rf / or something similar, and if the rpm is given a version-number higher as the ones from SUSE or Packman, a lot (all?) of the apt4rpm-User will get a packages with bad scripts... And yes, there are a lot of people wanting to damage the linux-communitys. About a year ago, there has been a DDoS - attack with more of 90000 IPs on one of the servers of http://linuxforen.de. I can't really imagine, why someone does things like that, but there were news, that a lot of linux-side-companys were attacked like that, too. For this people, who want to disadvantage linux-community, would be the easiest to upload bad rpms. I don't know, how this is managed by Debian or other community-projects, or if the packages are checked automatically by some way... greets Soeren