[M3devel] Getting ready for new users (Re: HEADS UP: Release engineering)

hendrik at topoi.pooq.com hendrik at topoi.pooq.com
Fri Jun 26 17:17:07 CEST 2009


On Fri, Jun 26, 2009 at 03:19:44PM +0000, Jay wrote:
> 
> Security not be damned.
> You can sign executables.
> You can open them in winzip instead if you want (if they are self extracting .zips).

True.  But most of the WIndows users I know just execute them.  Their 
problem. not ours.  If ours executes properly, that is.

> Where is the line between running the installer vs. running the code 
> it installs, anyway?

The disaster is faster.  There's less time for antivirus tools to 
detect trouble.  But let's not start a long thread about how to make 
Wiondows secure.  Not our job.

> I guess the installer runs maybe privileged and its payload does not.
>   But that isn't required for cm3, you can install to $HOME.
> People also often just distribute non-self-running .MSI files.
>  That would be a good option.
>  
>  - Jay
> 
> 
> ----------------------------------------
> > Date: Fri, 26 Jun 2009 11:06:45 -0400
> > From: hendrik at topoi.pooq.com
> > To: m3devel at elegosoft.com
> > Subject: Re: [M3devel] Getting ready for new users (Re: HEADS UP: Release engineering)
> >
> > On Thu, Jun 25, 2009 at 08:43:11PM +0000, Jay wrote:
> >>
> >> There's no need for Winzip if we use .zip files, explorer handles them.
> >>
> >> It is also easy to make self extracting .zip files.
> >
> > That's the way to go -- it's the popular archive format for Windows, security
> > be damned!
> >
> >>
> >> And untrusting users can just run unzip on them or rename them to .zip and open with Explorer, it's quite nice, except that for running, they don't run on many systems.
> >>
> >>
> >> - Jay



More information about the M3devel mailing list