Security

Posted Sep 1, 2014 17:00 UTC (Mon) by rahulsundaram (subscriber, #21946)
In reply to: Security by cyperpunks
Parent article: Poettering: Revisiting how we put together Linux systems

What you claim is true only if all apps are installed using distribution repositories. real world deployments often have ad hoc installations and what is being proposed might help with that pain.

Security

Posted Sep 1, 2014 17:26 UTC (Mon) by cyperpunks (subscriber, #39406) [Link] (2 responses)

Not if the ad hoc installed apps are using system libraries.

Security

Posted Sep 1, 2014 21:12 UTC (Mon) by rahulsundaram (subscriber, #21946) [Link] (1 responses)

Which they often don't. Instead ad-hoc installations tend to bundle the libraries because they want to be independent of the distribution.

Security

Posted Sep 2, 2014 9:52 UTC (Tue) by NAR (subscriber, #1313) [Link]

I did use a software that bundled the openssl library because they wanted to be independent of the distribution. Of course they failed, because a newer version of the same distribution had newer glibc with new bugs, so after an OS upgrade the software stopped working...