Thanks for your input on the matter. I would find it no problem to make it
optional or to be able to cancel it. If APT doesn't have the functionality
then a question before the process is started could work as well (I'd
prefer if it defaulted to yes though - secure by default).

The recent openssl issue, although hopefully rare, is a prime example
where we would have greatly benefited from a security update being
installed before users actually started to use the system.


To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org