> > > Pavel, the problem here is your fundamental distrust.
> > By giving me binary-only installer you ask me to trust you. You ask me
> > to trust you without good reason [it only generates .tar.gz and
> > shellscript, why should it be binary? Was not shar designed to handle
> > that?], and that's pretty suspect.
>
> Bitmover doing anything remotely suspect in an executable installer
> would be commercial suicide, do you distrust realplayer too?
I've seen windows installers doing *very* suspect stuff.
I distrust realplayer, too, but I think those people are bad enough
that there's no point complaining. I believed Larry could see that
binary installers are evil.
> did you distrust early netscape before they released source?
Yep.
> yada yada countless other programs..
Actually, I only ever did binary installation of realplayer, as far as
I can remember. And that was at time national television died, and I
wanted to know what's going on.
> If your distrust of commercial organisations providing binaries
> is so great, you know where objdump, strace and friends are.
strace does not solve the problem (it is trivial to detect you are
traced), and I do not think Larry should require me to objdump
installer.
[You see, binary-only installers are total nightmare from security
perspective. They are widespread on windoze, and it *is* problem
there. I do not want them on linux.]
Pavel
-- Casualities in World Trade Center: ~3k dead inside the building, cryptography in U.S.A. and free speech in Czech Republic. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/