ESR: Goodbye Fedora- big picture
Steve Friedman
steve at adsi-m4.com
Thu Feb 22 22:06:01 UTC 2007
On Thu, 22 Feb 2007, Tom Horsley wrote:
> On Thu, 22 Feb 2007 10:59:16 -0800
> "John P. Fisher" <john.fisher at znyx.com> wrote:
>
>> 3) I guess if I could wave a wand, I'd have a set of common fundamental
>> libraries that get shared and maintain compatibility between distro
>> releases, and everything else would be handled by the applications
>> themselves. Maybe this is plain dumb, but it sure would be easier for me...
>
> I'd just have every single app have its very own versions of every library
> it needs with a reaper that runs around at low priority hard-linking
> the ones that are identical :-).
>
>
Then you've forgotten the zlib security issues of only 5 years ago. A
security vulernability was found in a compression library common to over
500 apps. Those that dynamically linked to zlib were patched with a
single upgrade; however, large numbers of apps had to be recompiled
because they statically linked to zlib. This was a *major* security
crisis -- and *many* apps/utilities switched to dynamic linking of zlib
(and other common libraries) to avoid this happening again.
Steve Friedman
More information about the fedora-list
mailing list