Difference between revisions of "Talk:AUR helpers"

From ArchWiki
(Secure column in comparaison table: re)
Line 23: Line 23:
  
 
::::: "Secure" simply means the PKGBUILDs aren't sourced ***before*** the user has a chance to inspect the PKGBUILD himself. Makepkg does source the PKGBUILD obviously, it doesn't mean using it is insecure (but using it blindly is). For example, packer source the PKGBUILD before showing it to the user, unless the --preview option is passed. And so does pacaur (when using the bash solver), although the PKGBUILDs are scanned for potential malicious pseudo code using sudo. Spyhawk 12:07, 15 May 2013 (UTC)
 
::::: "Secure" simply means the PKGBUILDs aren't sourced ***before*** the user has a chance to inspect the PKGBUILD himself. Makepkg does source the PKGBUILD obviously, it doesn't mean using it is insecure (but using it blindly is). For example, packer source the PKGBUILD before showing it to the user, unless the --preview option is passed. And so does pacaur (when using the bash solver), although the PKGBUILDs are scanned for potential malicious pseudo code using sudo. Spyhawk 12:07, 15 May 2013 (UTC)
 +
 +
::::::So, just to include also cower in the definition, I think a more correct formulation would be: ''"Secure means that the application, by default, doesn't source the PKGBUILD at all, or, before doing it, reminds the user and offers him the opportunity to inspect it manually"''.
 +
::::::Note though that the inspection of a PKGBUILD is always a separate human operation that the user has to do deliberately, and it's independent of the helper being used; this means that every "secure" application can be used insecurely if the user doesn't inspect the PKGBUILD, and vice versa every "insecure" application can be used securely if e.g. the user inspects the PKGBUILD through the AUR website.
 +
::::::Also, the "by default" clause is IMHO very important, in fact you could for example use packer with an alias that runs it with the --preview flag, thus making it a "secure" application, with just such a minimal change.
 +
::::::By the way, I haven't used yaourt for a while, but IIRC it used to let the user review the PKGBUILD after downloading it; it's not clear why it's not considered secure.
 +
::::::In the end, my opinion is that every application offers different degrees of security, and trying to sum all up in a Yes/No column is too simplistic: I would leave more verbose security considerations in the descriptions of every application above the table, or at least I would add some words in the "Specificity" column.
 +
:::::: -- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 16:41, 18 May 2013 (UTC)

Revision as of 16:41, 18 May 2013

Authors of each front end should post a short (2-3 line) description of their creation, along with a homepage link and an AUR link (where applicable). A link to a screenshot page would also be nice (if applicable).

Secure column in comparison table

Description says "tries to protect the user", I don't know what "tries" means, but if we take the default behavior of AUR helpers marked as secure:

  • owl relies on cower to download deps, so it doesn't source the PKGBUILD but calls makepkg without further questions, so finally the PKGBUILD is sourced.
  • aura does the same
  • pbfetch sources the PKGBUILD (even if it removes build())
  • pacaur sources the PKGBUILD (it can be configured to rely on cower)

...

As far as I know, only cower is secure (it builds/installs nothing), and spinach (and pacaur with secure on) ask before calling makepkg.

The only thing secure in dealing with AUR package is knowing what AUR is about.

Tuxce (talk) 12:50, 26 April 2013 (UTC)

I think it only means asking the user to look at and check the PKGBUILD, especially the download URL. So it can be renamed to "Check PKGBUILD". -- Fengchao (talk) 00:13, 27 April 2013 (UTC)

My guess is that the "Secure" column is an adaptation of the "Manually Parses PKGBUILD*" column in this old revision, see also the note at the bottom. -- Kynikos (talk) 06:50, 28 April 2013 (UTC)

Given that in the end all AUR helpers (except cower) call makepkg, PKGBUILDs are sourced, so I think it should be removed. The word "secure" is just confusing.
For example, aurget can be considered more "secure" than owl or aura as it asks to review the PKGBUILD before it is sourced.
Tuxce (talk) 20:05, 28 April 2013 (UTC)

Agreed, "Secure" without any kind of explanation doesn't mean anything. -- Kynikos (talk) 11:43, 29 April 2013 (UTC)

"Secure" simply means the PKGBUILDs aren't sourced ***before*** the user has a chance to inspect the PKGBUILD himself. Makepkg does source the PKGBUILD obviously; it doesn't mean using it is insecure (but using it blindly is). For example, packer sources the PKGBUILD before showing it to the user, unless the --preview option is passed. And so does pacaur (when using the bash solver), although the PKGBUILDs are scanned for potentially malicious pseudo-code using sudo. Spyhawk 12:07, 15 May 2013 (UTC)

So, just to also include cower in the definition, I think a more correct formulation would be: "Secure means that the application, by default, doesn't source the PKGBUILD at all, or, before doing it, reminds the user and offers him the opportunity to inspect it manually".
Note though that the inspection of a PKGBUILD is always a separate human operation that the user has to do deliberately, and it's independent of the helper being used; this means that every "secure" application can be used insecurely if the user doesn't inspect the PKGBUILD, and vice versa every "insecure" application can be used securely if e.g. the user inspects the PKGBUILD through the AUR website.
Also, the "by default" clause is IMHO very important; in fact you could for example use packer with an alias that runs it with the --preview flag, thus making it a "secure" application with just such a minimal change.
By the way, I haven't used yaourt for a while, but IIRC it used to let the user review the PKGBUILD after downloading it; it's not clear why it's not considered secure.
In the end, my opinion is that every application offers different degrees of security, and trying to sum it all up in a Yes/No column is too simplistic: I would leave more verbose security considerations in the descriptions of every application above the table, or at least I would add some words in the "Specificity" column.
-- Kynikos (talk) 16:41, 18 May 2013 (UTC)
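Editor's illustration of the point the thread keeps returning to (Tuxce's list of helpers that source the PKGBUILD even after removing build(), and Spyhawk's note that pacaur scans for sudo); this is added example code, not code from this talk page or from any of the helpers named. It lists what bash would execute on a bare `source` of a PKGBUILD (top-level statements outside function bodies), shows that dropping build() as pbfetch does leaves that code in place, and contrasts it with a pacaur-style text scan for sudo. The sample PKGBUILD, the example.invalid URL and the line-based parsing heuristic are all constructed for the example.

```python
import re

# Constructed sample PKGBUILD (not a real AUR package): the touch on line 8 is
# top-level code and runs on source; the sudo on line 15 only runs at build time.
SAMPLE_PKGBUILD = """pkgname=example-tool
pkgver=1.0
arch=('any')
source=("https://example.invalid/${pkgname}-${pkgver}.tar.gz"
        "fix.patch")
sha256sums=('SKIP'
            'SKIP')
touch "$HOME/.pkgbuild-was-sourced"   # executes when the file is sourced
build() {
  cd "$pkgname-$pkgver"
  make
}
package() {
  cd "$pkgname-$pkgver"
  sudo make install
}
"""
FUNC_START = re.compile(r'^\s*(?:function\s+)?([A-Za-z_]\w*)\s*\(\)\s*\{?\s*$')
ASSIGNMENT = re.compile(r'^\s*[A-Za-z_]\w*(?:\[[^\]]*\])?\+?=')

def source_time_commands(pkgbuild):
    # (line_no, text) of each statement bash executes on a mere `source`:
    # top-level lines that are neither a function header nor an assignment.
    # Heuristic: comments cut at the first '#'; braces/parens counted naively.
    findings, depth, parens = [], 0, 0
    for no, raw in enumerate(pkgbuild.splitlines(), 1):
        line = raw.split('#', 1)[0].strip()
        if line and depth == parens == 0 and not (FUNC_START.match(line)
                                                   or ASSIGNMENT.match(line)):
            findings.append((no, line))
        depth += line.count('{') - line.count('}')
        parens += line.count('(') - line.count(')')
    return findings
def strip_function(pkgbuild, name):
    # Emulates "removing build() before sourcing": drops one function body.
    # Top-level code survives, so the result is no safer to source.
    out, skipping, depth = [], False, 0
    for raw in pkgbuild.splitlines():
        m = FUNC_START.match(raw)
        skipping = skipping or bool(m and m.group(1) == name)
        if skipping:
            depth += raw.count('{') - raw.count('}')
            skipping = not (depth == 0 and '}' in raw)
            continue
        out.append(raw)
    return '\n'.join(out) + '\n'
def sudo_lines(pkgbuild):
    # pacaur-style text scan: flags sudo anywhere, whether or not it runs on source.
    return [n for n, l in enumerate(pkgbuild.splitlines(), 1) if re.search(r'\bsudo\b', l)]
```

The contrast is the whole point of the "secure" column: the sudo scan flags line 15, which never runs on source, while the unflagged touch on line 8 runs the moment any helper sources the file before the user has looked at it.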