Applications and bundled libraries

Posted Mar 18, 2010 16:51 UTC (Thu) by viro (subscriber, #7872)
In reply to: Applications and bundled libraries by Frej
Parent article: Applications and bundled libraries

And when somebody finds an overflow in aforementioned libpng, they are supposed to try and catch every duhveloper that happens to use said library, explain to each why multiplication overflow is a bad thing (starting with "what's multiplication?" in a lot of cases), then convince them to update their stuff, then upgrade every such crapplication on every box out there.
Including laptops. _Wonderful_.

to post comments

Applications and bundled libraries

Posted Mar 18, 2010 20:34 UTC (Thu) by Frej (guest, #4165) [Link]

Sure under the assumption of a crapplication and duhveloper the implication is that bad things
happen. But i don't agree the assumption is always true ;).

It a question of trust, why force the user to only trust the distro? Sure other models have the
problem you state - but why can't we build a system where it doesn't happen? just because
applications bundle stuff, they can still hook in to the same updater the admin/user runs.

A distro letting go of control does not mean that the that sysadmin has less control/more work..
We can do both, it's just harder and new territory.