This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
RE: Cygwin-wnpp#20050831T2001 ITP: bzr -- Next-generation distributed GNU Arch compatible version control (Python)
- From: "Dave Korn" <dave dot korn at artimi dot com>
- To: "'devel list \(subscriber only\)'" <cygwin-apps at cygwin dot com>
- Date: Thu, 1 Sep 2005 10:44:06 +0100
- Subject: RE: Cygwin-wnpp#20050831T2001 ITP: bzr -- Next-generation distributed GNU Arch compatible version control (Python)
----Original Message----
>From: Jari Aalto
>Sent: 31 August 2005 21:15
> B) or do this (preferred)
> mkdir bzr ; cd bzr
> wget -q -O - http://cygwin.cante.net/bzr/get.sh | sh
Um, from a security point of view, that's one of the most appalling things
I've ever seen suggested in my life. Literally. Pipe the content of some
random file on some random internet host straight into a shell without even
looking at it first? Not on your life! I appreciate that you may feel your
site is secure and nobody could possibly tamper with the file and nothing
could go wrong, but that is still a highly risky way to distribute software.
And besides, how do _we_ know you can be trusted ? :-O
http://cante.net/~jaalto/ just says "test page" and that was an unsigned
email and I don't have your public key anyway. How do we even know you
_are_ Jari Aalto ?!
cheers,
DaveK
--
Can't think of a witty .sigline today....