Adventurous yet Safety-Minded
Alexander Kahl
e-user at fsfe.org
Thu Mar 11 14:57:05 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 03/11/2010 03:05 PM, Tomas Mraz wrote:
> On Thu, 2010-03-11 at 11:53 +0100, Alexander Kahl wrote:
>> Oh, and by the way, we could leave behind all those discussions
>> regarding dynamic linking: RPATH for everything and everyone. If you've
>> linked against libfoo-4.2-2 during build time, libfoo-4.2-2 will be
>> present during runtime, same location, same file. Period. :)
>
> I'm sorry for not studying the Nix concepts in depth, but can you please
> answer me just a simple question how security or other critical bugfixes
> _in libraries_ are handled under this "RPATH for everything" paradigm?
Yep: Nix is a mixed source/binary distro, as far as I understand the
documentation, stuff gets (re)build locally when necessary; furthermore
Nix uses PatchELF: http://nixos.org/patchelf.html
I've been running NixOS in a VM for a while and created Nix RPMs for
Fedora (unreleased though) to investigate and understand the system better.
Furthermore the system heavily relies on automated testing and nightly
builds before pushing out anything anywhere.
- --
Alexander Kahl
GNU/Linux Software Developer
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkuZBMEACgkQVTRddCFHw12SoACePlZeFvrG/SVpgeFN/E2Uf1Be
BM0AoKHYEcAVrNch5MisXtK4LbeS7Vkb
=nSwo
-----END PGP SIGNATURE-----
More information about the devel
mailing list