Re: Too many dependencies?

From: Andy Green (fedora_at_warmcat.com)
Date: 04/07/04

    To: For users of Fedora Core releases <fedora-list@redhat.com>
    Date: Wed, 7 Apr 2004 20:59:34 +0100
    
    


    On Wednesday 07 April 2004 20:28, Robin Laing wrote:

    > If you have to install a whole package to meet one dependency then we
    > are starting to fall into the Microsoft trap of making applications
    > depend on unwanted/unrequited applications. Any extra application can
    > become a security issue that could allow a presently unknown type of
    > attack. We see it almost every day in Windows.

    I see this the other way around... the increased modularity tends to drive out
    bugs in the parts that are getting reused from many directions. Because
    everything GPL'd is reusable at no cost, reuse is more likely than if your
    proprietary paid-for product had to incorporate another paid-for product.
    The modularity and reuse is a great feature, assuming it got architected into
    the right parts.

    I was looking through the source for CUPS and SWAT the other day trying to see
    what library they used for their local HTTP serving. To my surprise they
    both rolled their own different solutions right there in the sources. Would
    have been better if they both used some kind of lightweight libhttp... (as I
    was expecting to see) all the devs from both projects would have been all
    over the one implementation which could only have benefitted. Instead there
    are two less-evolved network-listening, potentially remotely exploitable
    implementations (seems some folks aren't running the firewall) out there. A
    new dependency would be no price at all to pay for the improved reusability
    and robustness.

    -Andy

    --
    Find your answer without waiting for replies....
    Searchable list archives at
    http://marc.theaimsgroup.com/?l=fedora-list&r=1&w=2

    
