On Tue, Jun 26, 2007 at 08:36:51AM -0700, Russ Allbery wrote: > Some software packages include in their distribution convenience > copies of libraries from other software packages, generally so that > users compiling from source don't have to download multiple packages. > Debian packages should not make use of these convenience copies. If > the included library is already in the Debian archive, the Debian > packaging should ensure that the software is linked with the libraries > already in Debian and the convenience copy is not used. If the > included library is not already in Debian, it should be packaged > separately as a prerequisite. >
I've tried to stay away from compile type language (and to some extent
'link') as it's not only C* programs that this effects.
> Having multiple copies of the same code in Debian is inefficient,
> often creates either static linking or shared library conflicts, and,
> most importantly, increases the difficulty of handling security
> vulnerabilities in the shared code.
Hrm... does rationale belong in policy?
I like the wording though :)
Neil
--
<gwolf> bah.... Germans. You just put 100 DDs in one country and then they all
become friends of each other.
signature.asc
Description: Digital signature
