I am a big supporter of the idea of a common repository format for all software management tools around Linux. If there were additionally an easy way to include and exclude standard third-party repositories, they would eventually find their way into more corporate environments and might become the default way to update software in Linux environments. At the moment we already have repositories for Skype and Macromedia, but there are plenty of companies which do not provide repositories at all.
But: whenever you install software from someone else, you should be aware that this person can gain total control of your entire system. The same is true of repositories, where a maintainer can easily insert packages that replace your system packages (unless you explicitly restrict which packages may come from that repository). And that is a big security risk!
So big that no one should ever enable a third-party repository he or she does not fully trust!
A very good example of what can happen when you activate the wrong repository is the so-called Treviño Story. The maintainer of a small Ubuntu development repository found that his repository was suddenly being used by far too many people, and he decided to change the wallpaper to a warning.
In my opinion he did exactly the right thing: showing people that they have to start thinking, without harming their systems. He could have done worse things, like automatically deleting his entry in the sources.list or simply turning all of these machines into zombies. And yes, the more popular Linux becomes, the more problems we will see in the near future with captured and/or malicious repositories.
One way to deal with such problems, by the way, would be to have two security mechanisms:
First, a mechanism which makes it impossible for non-original repositories to replace a system package. Second, a mechanism which makes sure that non-original repositories are only allowed to install their files into /opt/ or a similar location.
These two options would make the machine more secure: not perfect, but at least better.
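The first of the two mechanisms already exists in approximate form in APT's pinning support (see apt_preferences(5)): a pin priority below 100 for a third-party origin means an already installed package is never replaced from that origin, while packages only the third party ships can still be installed. The shell snippet below is an added example and is not part of the original post. The origin string "third-party-example" is a placeholder assumption (the real value is the "o=" field shown by `apt-cache policy`), the sample policy line in the test is constructed, and the helper names `write_third_party_pin`, `pinned_priority` and `origin_from_policy_line` are chosen here.

```shell
#!/bin/sh
# Added example (not from the original post): confine a third-party APT
# repository with a pin priority so it can never replace a system package.
#
# Assumption: the third-party archive advertises an Origin field; the value
# passed as $2 is a placeholder to be replaced with the "o=" value that
# `apt-cache policy` prints for that archive on the machine in question.

# Write a pin file into the given preferences directory (normally
# /etc/apt/preferences.d, which needs root) for the given archive origin.
write_third_party_pin() {
    prefs_dir="$1"
    origin="$2"
    mkdir -p "$prefs_dir" || return 1
    cat > "$prefs_dir/90-third-party-pin" <<EOF
Explanation: A priority between 0 and 100 means a version from this origin
Explanation: is only installed when no version of the package is installed
Explanation: yet. Distribution packages default to priority 500, so an
Explanation: installed system package is never upgraded from this origin,
Explanation: and when both ship a package the distribution's version wins.
Explanation: Packages that only the third party ships can still be installed.
Package: *
Pin: release o=${origin}
Pin-Priority: 50
EOF
}

# Read back the priority from the pin file, so a provisioning script can
# double-check what it wrote before running apt-get.
pinned_priority() {
    sed -n 's/^Pin-Priority: *//p' "$1/90-third-party-pin"
}

# Extract the Origin value ("o=...") from one "release ..." line of
# `apt-cache policy` output, which is where the real origin string comes from.
origin_from_policy_line() {
    printf '%s\n' "$1" | sed -n 's/.*[ ,]o=\([^,]*\).*/\1/p'
}
```

After placing the file under /etc/apt/preferences.d/, `apt-cache policy <package>` shows the effective priorities and confirms that the distribution's version is still preferred. Explicitly requesting a version on the command line (`apt-get install <package>=<version>`) overrides the pin, which matches the post's point that the danger is in what happens when you do not specify the packages. Note that this covers only the first mechanism; APT pinning offers no way to confine a repository's packages to /opt/.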
But before we can start thinking about that we need two things first: a common, widely accepted and widely used package format, and a common and widely accepted repository format. That shouldn't be so hard even from a realistic point of view, but unfortunately nothing is happening in that area.