[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A registry for distributed sources and binaries
|
From: |
Tomáš Čech |
|
Subject: |
Re: A registry for distributed sources and binaries |
|
Date: |
Mon, 25 Jul 2016 09:18:49 +0200 |
|
User-agent: |
Mutt/1.6.1-neo (2016-06-11) |
On Sun, Jul 24, 2016 at 10:35:43PM +0200, Ricardo Wurmus wrote:
What do you think about that? Does this align with your vision?
What do others think? Is this something that would benefit the Guix
project and its audience?
I like the idea a lot.
I'm only concerned with security of such thing. When the number of
other package sources will grow, it should be ensured that some
package definition will not touch core/library without user
consent. If they will take packages from random sources (as they are
careful when downloading applications for windows from various sources
or reading licenses), it may easily become security threat to whole
system.
I'd be glad if we can stop using GUIX_PACKAGE_PATH environment
variable (which is a bit clumsy) and have support for multiple source,
with priorities (for cases of collisions) and maybe in future support
for some digital signatures.
\o/
S_W
signature.asc
Description: Digital signature
- Re: replying to a message of a mailing list you were not subscribed to, (continued)
- Re: A registry for distributed sources and binaries, John Darrington, 2016/07/24
- Replying to bug reports, Ludovic Courtès, 2016/07/25
- Re: A registry for distributed sources and binaries, Andy Wingo, 2016/07/25
- Reviewer assignment, Ludovic Courtès, 2016/07/25
- Re: A registry for distributed sources and binaries, Ricardo Wurmus, 2016/07/24
- Re: A registry for distributed sources and binaries, Pjotr Prins, 2016/07/24
- Re: A registry for distributed sources and binaries, Tobias Geerinckx-Rice, 2016/07/24
- Re: A registry for distributed sources and binaries, Pjotr Prins, 2016/07/25
- Re: A registry for distributed sources and binaries,
Tomáš Čech <=
- Re: A registry for distributed sources and binaries, Ludovic Courtès, 2016/07/25
- Re: A registry for distributed sources and binaries, Pjotr Prins, 2016/07/25
- Re: A registry for distributed sources and binaries, Pjotr Prins, 2016/07/25
[PATCH] Add Elixir (was: ), Ricardo Wurmus, 2016/07/25
- Re: [PATCH] Add Elixir (was: ), Pjotr Prins, 2016/07/25
- Re: [PATCH] Add Elixir (was: ), Ricardo Wurmus, 2016/07/28
- Re: [PATCH] Add Elixir (was: ), Vincent Legoll, 2016/07/28
- Re: [PATCH] Add Elixir (was: ), Pjotr Prins, 2016/07/28
- Re: [PATCH] Add Elixir (was: ), Ricardo Wurmus, 2016/07/28
- Re: [PATCH] Add Elixir (was: ), Pjotr Prins, 2016/07/28