RFC: On-demand package installation API in kdelibs

Martin Gräßlin kde at martin-graesslin.com
Wed Jul 28 21:29:15 BST 2010


On Wednesday 28 July 2010 22:19:51 Martin Sandsmark wrote:
> On Wed, Jul 28,
2010 at 10:10:22PM +0200, Martin Gräßlin wrote:
> > There is an easy way to
fix that problem. Fedora illustrated it, but
> > had to revert: don't ask
for the password if you want to install from a
> > trusted repository. This
is a perfect example why Fedora was right on it.
> > We all see that we need
and want that functionality and we are
> > discussing to not do it, because
it could be used by $BADGUY to trick
> > $STUPIDUSER in typing their
password in $WINDOW. So if we minimize the
> > cases where the password is
entered, the risk decreases. But that's
> > quite off-topic to the
discussion, hmm thinking about it, protecting
> > stupid users from being
stupid is also offtopic.
> 
> I disagree that it was the easiest and best
solution. The easiest and best
> solution is to simply tell the user what is
missing, and ask him to
> manually install it through the normal package
manager ('Please install
> "Extra codecs for KDE" to play these files.').
My
mother does not know how to open the package manager, does not know what a
package manager is and has no idea what codecs are and what KDE is. But she
wants to listen to music. With the idea Lubos proposed she would be able to
listen to music, with your idea, she wouldn't.

But if I understand the
proposed idea correctly distributions aiming for users could provide the
easy way, while distributions aiming for experienced users could just say
"install package".
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20100728/f3ec1c07/attachment.sig>


More information about the kde-core-devel mailing list