Between long stints of playing offline VS mode in Super Smash Brothers Brawl to unlock all the characters and stages, I found this article about apturl on Digg (this seems to be the link for the project). From the blog post:
Imagine the next time you are trying reading a great list of Ubuntu programs. One of them catches your eye, and you want to try it. Instead of either using Add/Remove or opening a terminal to install the program, you simply click a link. A message box pops up asking you if you want to install the program, and then you enter your password,
Upon first gaze, this may seem like a sort of security hazard, however this is not the case.
First and foremost, only applications that are available for install must be in the repositories currently specified in sources. So, by default, there are no applications in the repositories that can screw up your system. I’m sure there are applications in the repository that, if installed without understanding what they do, can screw up something on your system. However virii, rootkits and other such programs aren’t really a problem. Any sort of third party repository must manually first be inserted into sources.list before anything outside of the default repository can be used. And before anyone does that, they should proceed with caution. However modifying sources.list goes beyond the scope of this post.
Lastly, any requests to install applications get passed directly to apt-get on the back end, which in my opinion, is a pretty application as is. That being said, you can’t do anything with this addin that you can’t do directly with a shell. Although it is theoretically possible (though extremely, and I can’t stress this enough, extremely improbable) to do something malicious with this, worst case scenario apt crashes. Any sort of root shell possibility remains local to the computer. Personally I think for this to be of any risk at all, a person still needs an account on the local computer as well as the account being in the sudoers file. And if a person already has that, well they are free to do as they please.
The benefits of this, especially for the desktop Ubuntu world, is enormous. Traditionally, guides on installing anything on Ubuntu have made references for the user to type things into the shell. While not a big deal at all, a user who is not well versed in the GNU/LInux ways (say, a user making the switch from Windows to Ubuntu) may find that a bit overwhelming. One of the advantages Windows has had in the desktop market is the ability to do everything through a graphical user interface. Packages such as Synaptic try to ease the burden of typical users by offering a graphical front end for apt, however still not a complete solution. With the use of apturl, install guides can me made much simpler for the end user. Instead of having to open a terminal and apt-getting multiple different packages to set something, up, the user can stay on the guide page and just click to install, making setup much simpler.
Although a fantastic solution, as well as a wonderful weapon in the fight for GNU/LInux domination of the desktop market, I will be sticking with my shell :).