ESR: Goodbye Fedora- big picture
John P. Fisher
john.fisher at znyx.com
Fri Feb 23 00:16:40 UTC 2007
Steve Friedman wrote:
>
>>> 3) I guess if I could wave a wand, I'd have a set of common fundamental
>>> libraries that get shared and maintain compatibility between distro
>>> releases, and everything else would be handled by the applications
>>> themselves. Maybe this is plain dumb, but it sure would be easier
>>> for me...
>>
>> I'd just have every single app have its very own versions of every
>> library
>> it needs with a reaper that runs around at low priority hard-linking
>> the ones that are identical :-).
>>
>>
>
> Then you've forgotten the zlib security issues of only 5 years ago. A
> security vulernability was found in a compression library common to
> over 500 apps. Those that dynamically linked to zlib were patched
> with a single upgrade; however, large numbers of apps had to be
> recompiled because they statically linked to zlib. This was a *major*
> security crisis -- and *many* apps/utilities switched to dynamic
> linking of zlib (and other common libraries) to avoid this happening
> again.
>
> Steve Friedman
>
Good point. Is it possible to draw some sort of line in the virtual sand
and say these are shared, and those are up to the application? I've been
griping for years about the way apps install themselves in all 3 desktop
Oses, this zlib point clobbers one of my ideas for sure, but maybe they
*all* have to be shared, so thats how we got in this mess.
More information about the users
mailing list