RFC: Soname in rpm name
Mike Hearn
mike at navi.cx
Mon Jan 24 19:25:44 UTC 2005
On Mon, 24 Jan 2005 10:02:52 -0500, Jeff Spaleta wrote:
> And I might add.. that while users and admins.. might want to install
> many other apps from anywhere on the net that the find them... this is
> not necessarily advisable behavior. You continue to cater to this
> sort of thing and you will end up with people install very old
> libraries that are no longer being maintained so that they can install
> very old applications that are no longer being maintained and could
> have unresolved but well understood security problems. I'm really not
> sure its in anyones best interest to make it really drop-dead easy to
> install unmaintained software that might be expoitable simply because
> the package was created in 2000.
Wow - 2000 is only 5 years ago guys. There are *lots* of people still
running programs designed for Windows 95, which is now 10 years old!
Face it: people will run the software they want. If you make it difficult
or annoying for them out of a misguided sense that
security-through-obnoxiousness is OK, they'll just use Windows which
doesn't do much for security at all but at least makes it easy for the
user to achieve their goal.
The best solution is for libraries to not break backwards compatibility
every other week, that way security fixes are magically present even for 5
year old apps.
Seriously, 5 years is really nothing, it's all about mindset.
thanks -mike
More information about the fedora-devel-list
mailing list