Linked by Thom Holwerda on Wed 16th Dec 2009 21:38 UTC, submitted by whorider
Privacy, Security, Encryption This news is already a week old, but it only got submitted to us today, and I didn't notice it all. As it turns out, two malicious software packages had been uploaded to GNOME-Look.org, masquerading as valid .deb packages (a GNOME screensaver and theme, respectively).
Permalink for comment 400207
To read all comments associated with this story, please click here.
Is it really necessary?
by dreamlax on Fri 18th Dec 2009 01:22 UTC
dreamlax
Member since:
2007-01-04

Is it really necessary for themes and screensavers to be "installed"? If there was an easily accessible place in the user's home directory, like "~/Library/Screen Savers" on OS X, and another directory for themes, then packages with installers that must be run as root would be completely unnecessary, and the possible damage would be limited to the user's privileges.

This isn't really about Gnome-look's lack of moderation, this is Gnome's fault for making something as easy as storing themes and screensavers difficult enough to warrant the use of a package management system that can only be fiddled with if you have root privileges.

Reply Score: 1