tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Adobe Reader

>>>>> On Tue, 02 Feb 2010 00:17:15 +0700, Robert Elz 
>>>>> <kre%munnari.OZ.AU@localhost> said:

>   | I don't think there is any actual user whose benefit is greater than
>   | her/his risk.
> My point was that this is not your responsibility - other users get to
> decide for themselves, using their own judgment, not yours.

I don't think so.
The history shows there are always users who are not smart enough.
To protect our users from stupid usage model is one of the duties
of packages maintainers, I think.
For smart users, they can always use acroread 4 and 5 without pkgsrc.
(Well, actually I don't think there is no smart user who'll use
acroread 4 and 5, though.)

> You can warn them of the dangers, and of course, you don't have to do
> anything to assist people do something that you think is wrong, or ill
> advised, but you don't get to make other people's decisions for them.

If I could think of any reason to use acroread 4 and 5, maybe I might
agree with you.  But I couldn't, and you still haven't show me any
such reason.

>   | Because users of your machine might use acroread despite of your
>   | suggestion
> What users?   My laptop, has me, and that's it.   If I don't use it,
> no-one uses it.   Now what was that danger?

Well, since you didn't say that your machine had only you as a user,
I just assumed there were some others.

>   | Showing too old version of acroread is not benefit at all, but
>   | just shame.
> It just shows that it exists, and that NetBSD has the same stuff available
> as other systems.

I don't agree with you about "same stuff available as other systems".
There is no other operating/package system which supports such old and
dangerous versions of acroread.  So, it's not same.
The fact that acroread 4 and 5 still exist in pkgsrc usually gives people
that pkgsrc is an anachronistic, negligent, careless and insecure system,
and leaves its users dangerous state.
Responsible package system should discourage their users using
insecure software, and the audit-packages command is not good enough
for in this particular case, because we already saw some people who'll
continue to use older acroread without any good reason.
Maybe unsupported category that quentin mentioned is ok, but I don't
think acroread is worth supporting it even in such category.
Even you are not using it.

Home | Main Index | Thread Index | Old Index