My opinion is this: anything downloaded from anywhere is suspect if you
really want to be extremely scrutinizing...what about rubycookbook? Are you
going to carefully scrutinize every line of code to make sure there's
nothing malicious in there? for small snippets sure, but as modules get
bigger, no way...what about RAA? Don't people download code from there and
use it daily?
I agree that security is important, but bottom line, we're not seeking to do
anything really different here...i understand there's inherent danger in
autoloading something from the web and running it, but is it that different
from downloading, moving to a directory, then using it if you're not going
to scan through it? Security is certainly important but you'll never reach
100% safety...

Jack

> No, that's not true. I'm entirely sure it's not sufficient. I can think of
> many, many ways to crock this. You're counting on the remote keyserver
> being trustworthy (they aren't), DNS being trustworthy (it isn't), that the
> signing entity is trustworthy (they aren't), and that the source you're
> fetching is safe to use sight unseen (it isn't).

Sorry, I must be missing something or just be mad, because I installed
my Debian from scratch from the net.  If they can guarantee the
integrity of a distribution, moreover downloaded over http with no
notion of keys or such, I guess it should be possible to guarantee the
integrity of a code library, should it not?

> Yeah, these are all potential issues when installing any chunk of code from
> the net, but at least with a manual install you have a chance to check
> things out even if you choose not to. With automagic loading, you take all
> the potential checks out of the process.

``apt-get program-name'' does not give very much to check. ;-)

Massimiliano
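The "chance to check things out" that the quoted reply says automagic loading removes can be kept inside the loader itself. The following is an added Ruby example, not code from this thread, from RAA or from any Debian tool: it pins a SHA-256 digest recorded out-of-band when the library was first reviewed and refuses to `load` fetched source whose digest differs. The sample library text, the pinned digest and all helper names are constructed for illustration.

```ruby
require 'digest'
require 'tempfile'

# Constructed sample library, standing in for text fetched from the net.
SAMPLE_SOURCE = <<~'RUBY'
  def greet(name)
    "hello, #{name}"
  end
RUBY

# The digest an auditor recorded after reviewing SAMPLE_SOURCE. In practice
# this value lives in your own tree or config, not next to the download.
PINNED_SHA256 = Digest::SHA256.hexdigest(SAMPLE_SOURCE)

class IntegrityError < StandardError; end

# Compare the fetched bytes with the pinned digest; any change, whether a
# new upstream release or tampering in transit, fails the check.
def verify_digest(source, expected_hex)
  actual = Digest::SHA256.hexdigest(source)
  return true if actual == expected_hex
  raise IntegrityError,
        "digest mismatch: expected #{expected_hex[0, 12]}..., got #{actual[0, 12]}..."
end

# Evaluate the code only after it has been verified. A loader that skips
# this step is the "no checks left in the process" case from the thread.
def load_verified(source, expected_hex)
  verify_digest(source, expected_hex)
  Tempfile.create(['verified', '.rb']) do |f|
    f.write(source)
    f.flush
    load f.path
  end
  true
end

# Demonstrates the failure mode: one appended line changes the digest, so
# the modified source is never loaded.
def modified_source_rejected?(source, expected_hex)
  load_verified(source + "puts 'an extra line'\n", expected_hex)
  false
rescue IntegrityError
  true
end
```

A pinned digest covers only the last item in the quoted list, fetching sight unseen: it proves the bytes are the ones you reviewed, not that the original author was trustworthy. The reviewer still has to read the code once, and the pin must be updated deliberately whenever the library is upgraded.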