RPM roadmapping
Arthur Pemberton
pemboa at gmail.com
Sat Jul 28 21:14:34 UTC 2007
On 7/28/07, seth vidal <skvidal at linux.duke.edu> wrote:
> On Sat, 2007-07-28 at 14:53 +0000, Kevin Kofler wrote:
> > Panu Matilainen <pmatilai <at> redhat.com> writes:
> > > - RPM is not an ftp/http client, it's a package manager.
> >
> > Am I the only one who things that being able to rpm -Uvh http://....rpm is a
> > nice feature?
>
> it's not an issue of it being a nice feature - it is an issue of whether
> it is a good idea to maintain the code. Keep in mind - rpm has its own
> http/ftp client included. It's not using curl or wget. All its own code.
> That seems a bit much to maintain esp when the majority of people using
> rpm do it through a higher level language that already has a http/ftp
> client.
>
> the best way to make rpm reliable and consistent is to strip out all
> things that are unnecessary.
>
> -sv
I would imagine this opens RPM up to remote attacks too.
--
Fedora Core 6 and proud
More information about the fedora-devel-list
mailing list