Software Updater requires installation of untrusted packages
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
update-manager (Ubuntu) |
Triaged
|
Medium
|
Unassigned |
Bug Description
Software updater tells me it requires installation of untrusted packages. It says, "This requires installing packages from untrusted sources."
But it does not tell me what packages are untrusted. It does not tell me what untrusted sources it is required to retrieve packages from. And it does not tell me why these packages and sources are untrusted. It neither offers any way of learning this information.
It also denies me any choice in the matter. The warning dialogue has two actions. One is <settings>, which is clearly useful for anyone who already knows the answers to the unanswered questions raised above. The other is <OK>, an invitation to go ahead and install the anonymous untrusted packages from the anonymous untrusted sources. There is no option to decline the installation of these packages.
Being a user of but little knowledge, it just so happens that the little knowledge I have tells me not to install anonymous untrusted packages from untrusted sources. It's the sort of thing parents tell their children nowadays after saying they shouldn't talk to strangers.
So I do the only thing I can, short of spending a week of nights and weeks more nights to learn what it is all about. (If only I had so much time). I close <X> the window and hope it goes away. But it has come back again. I think it might keep coming back. What if it's an important piece of software? What if my operating system fails because I won't let it install anonymous untrusted packages from untrusted sources? And what oh! of the tragic irony if I end up getting malicious anonymous untrusted packages from untrusted sources getting in through a breach in my security left by my refusal to install anonymous untrusted packages from untrusted sources?
ProblemType: Bug
DistroRelease: Ubuntu 13.04
Package: update-manager 1:0.186.1
ProcVersionSign
Uname: Linux 3.8.0-27-generic x86_64
ApportVersion: 2.9.2-0ubuntu8.3
Architecture: amd64
Date: Sat Aug 17 12:18:55 2013
GsettingsChanges:
b'com.
b'com.
b'com.
b'com.
b'com.
InstallationDate: Installed on 2012-11-28 (261 days ago)
InstallationMedia: Xubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.1)
MarkForUpload: True
PackageArchitec
SourcePackage: update-manager
UpgradeStatus: Upgraded to raring on 2013-05-14 (94 days ago)
Changed in update-manager (Ubuntu): | |
importance: | Undecided → Medium |
status: | Confirmed → Triaged |
I agree that a user finding themselves in this situation would likely have very little idea of the best path forward; some guidance from the software would be nice to have.
Thanks