It's just that the OP mentioned that
when i run azureus installation from the terminal i get this [root@localhost azureus]# ./azureus
Which to me looks like he is installing Azureus. So I didn't understand the point of mentioning not to run the program as root, as that was not what he was doing.
Well, an install would look to me more like "make install", but never having installed Azureus myself, this may well be how it's installed. I don't know.
As a by-the-way, how am I to know who to trust when I install software? I have installed many things from sourceforge. Can I be certain to trust every author on sourceforge?
No, you can't. It is not unknown for attempts to be made to install backdoors in the source code for well-known projects. The Linux kernel itself and sendmail have seen such attempts, and there are probably many more examples.
> Because I feel like if
I'm downloading something, su, then running (installing) it, I am doing something unsafe.
You are. Ideally you'd review the code yourself but in most cases this is impractical. It's certainly good practise to check any signatures that are supplied by the author to verify the integrity of the source code, but that doesn't help you if the author has inserted the bad code himself. Another precaution might be to install only well-established software, which has built up a good reputation.
> Not everything is available in yum.
For that matter, how to be sure that all which is included in yum is safe?
Again, you can't. You have to trust the packager as well as the original author. It boils down to how much you trust each repo.
Paul.
