lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.0911041710530.2927@artax.karlin.mff.cuni.cz>
Date:	Wed, 4 Nov 2009 17:40:02 +0100 (CET)
From:	Mikulas Patocka <mikulas@...ax.karlin.mff.cuni.cz>
To:	"Ryan C. Gordon" <icculus@...ulus.org>
cc:	Alan Cox <alan@...rguk.ukuu.org.uk>,
	Måns Rullgård <mans@...sr.com>,
	linux-kernel@...r.kernel.org
Subject: package managers [was: FatELF patches...]

> Package managers are a _fantastic_ invention. They are a killer feature 
> over other operating systems, including ones people pay way too much money 
> to use.

No, package managers are evil feature that suppresses third party software 
and kills Linux success on desktop.

Package managers are super-easy to use --- but only as long as the package 
exists. No developer can make a package for all versions of all 
distributions. No distribution can make a package for all versions of all 
Linux software. So, inevitably, there are holes in the
[distribution X software] matrix, where the package isn't available.

- With Windows installers (next - next - next - finish), even a 
  technically unskilled person can select which version of a given 
  software he wants to use. If the software doesn't work, he can simply 
  uninstall it and try another version.

- With Linux package managers, the user is stuck with the software and 
  version shipped by the distribution. If he wants to install anything 
  newer or older, it turns into black magic and the typical desktop user 
  (non-hacker) can't do it.

- For non-technical user who can't compile, getting newer software for 
  Linux means reinstalling the whole distribution to a newer version. So, 
  "upgrade one program" translates into "upgrade all programs" (that will 
  bring many changes that the user didn't want and new bugs)


Let me say that instead of making a single binary for multiple 
architectures, you should concentrate on developing a method to make a 
single binary that works on all installations on one architecture :)

Mikulas
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ