DSL Ideas and Suggestions :: wish list for the new version, dsl 5.0

Quote

...you could be behind a hardware firewall with no ports open...

Oh, the insane "Puppy defense." Which is irrelevant if you have buggy software that's exploitable either through computers on your own network or via cross scripting (XSS) and other exploits. Take a look at the changelogs for software like OpenOffice and Firefox (all Mozilla products -- popularity increases the likelihood criminals will find exploits). If you're using a browser, you're opening your computer up to exploits, firewall or no firewall. If you only browse sites that are legit and well-managed, you're probably safer than someone who indiscriminately click on links. And no, the danger isn't limited to your browser or to your OS. You can be pwned via Flash, QuickTime, etc., while using OSX, Linux, or Windows. And I suppose the more naive and gullible you are about your level of security because you think you're safer using one OS or another, the more at risk you probably are.

E.g. (and using Apple as an example of sh*tty programming that endangers users):
http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox/

I suppose that means extensions are out, because you need the latest updates on all your software. OK, back to Windows...thanks..

Quote

I suppose that means extensions are out, because you need the latest updates on all your software.

Not necessarily. While updates can include security fixes, they often contain new features or the security fixes cause bigger, more, or other issues (see Firefox). Sometimes the newer the release, the buggier and more susceptible something is. Compare Firefox 1.x and 2.x changelogs. With more complexity in code comes more potential and exploitable vulnerabilities.

Back to Windows? Vista is definitely a step up security-wise from OSX and Puppy. And all of this is way off topic now.

Quote (lucky13 @ July 20 2008,02:00)

And all of this is way off topic now.

Yes, but interesting all the same. Thanks for the lively exchange.

edit: BTW, you don't have to run puppy in root.

I guess I missed out on another thread about dslcore extensions.
From what I've read I think the future could be far too complicated
for me and the majority of newbies. The scripts idea was not bad but
the intellectual overhead of actually installing an extension may leave
many people bewildered. Complexity can be a real killer of projects.

In view of the future that there might not be anymore ucis or dsls,
I have thus decided to make my own extensions based on the 'completely
self contained system' of opt. The key concept here is 'single directory'.

A linux single directory package (lsd) can be un-tarballed anywhere.

An lsd has all files wether it be source or binaries, .etc
under a single directory. There will be standard subdirectories for
icons, links and scripts, sources, whatever. I guess if needed some scripts
can do compilation but the idea is just plain updating of wm menus & icons.
For non-self-contained files, and let's face it, no package is completely
self-contained, the installer scripts can copy those files to the system
directories. There may also be un-installing scripts. The scripts will need
standard names for automation.

The license handling is ofcourse the responsibility of the packager, of
which there must be a standard read-me file (similar to .info).

At the moment I'm just collecting plain old tarballs or converting them
from ucis.

Next Page...
original here.