[NTLUG:Discuss] apt-get, rpm and library versioning (was: Debian)

Leroy Tennison leroy_tennison at prodigy.net
Sat Jun 25 01:10:53 CDT 2005 

Burton Strauss wrote:

> 
>
>-----Original Message-----
>From: discuss-bounces at ntlug.org [mailto:discuss-bounces at ntlug.org] On Behalf
>Of Leroy Tennison
>Sent: Thursday, June 23, 2005 11:09 PM
>To: NTLUG Discussion List
>Subject: Re: [NTLUG:Discuss] apt-get, rpm and library versioning (was:
>Debian)
>
>Burton Strauss wrote:
>
><snip />
>
>  
>
>>You know, I think it's time to stop trying to simplify our life.  If
>>    
>>
>SuperDuperFunction is going to be 
>  
>
>>so much different than SuperFunction then create >another library.  Yes,
>>    
>>
>this profilerates 'executables' 
>  
>
>>but allows older code to still work without creating a 'jet-powered
>>    
>>
>stagecoach' combination of the latest 
>  
>
>>and greatest whiz-bang features along with backwards compatibility.  DASD
>>    
>>
>is getting really cheap, may 
>  
>
>>as well use it.
>>    
>>
>
>
>Nope, that's no better.
>
>You end up with 100s of versions of popular libraries hard linked into
>programs (that's what STATIC linking does).
>
>Then when you find a problem in, say, OpenSSL, you have to replace EVERY
>single hard-linked package.  Miss ONE and you are exposed to the security
>problems.  Dynamic linking means you only have to replace the one .so file.
>
>
>-----Burton
>
>
>
>_______________________________________________
>https://ntlug.org/mailman/listinfo/discuss
>
>  
>
I realize that, at some point, this is a "would you rather be shot or 
hung" kind of issue.  However, if we had a *** few *** more libraries it 
might make things easier.  Those programs which needed a specific 
version would refer to it (or provide an override to do so), those 
programs which didn't care could use a "versionless" reference. 
 Granted, "versionless" could become version dependent at any time which 
is why the override feature should probably be built in from the start. 
 This approach would be a balancing act and I realize it would never be 
perfect but it might get us closer to a "least worst" situation.

More information about the Discuss mailing list