begin quoting Michael O'Keefe as of Mon, Aug 28, 2006 at 12:28:29PM -0700: [Attribution lost] > >>Linux *still* sucks. > >> > >In many ways yes - dependencies (WTF can't people compile static > >versions of applications?!), > > And waste all that diskspace linking in libc (at least!) a couple of
Sometimes, disk is cheap. > thousand times (ok, yes it doesn't link it all in, only the required > symbols) and let's not even talk about security fixes...got a patch for 'cuz if it don't work at all, that's secure. The underlying problem is, of course, poor library-management discipline. Many library developers appear to have lost their reluctance to remove functions, or to spend some effort ensuring backwards compatibility AND to think about forward compatibility. Likewise, many developers seem to have decided that the "required" version is the one they're using now, and so hard-code a link to a *specific* version of a shared library. If I, as a application developer, am going to require a specific version of a shared library, to where a point-increment on the library will break my program, then I might as well use the static version of the library. If I, as a library developer, want to remove functions from the library, or reorganize the argument lists, I should save up these changes and then bump the major revision of my library. I should ensure that code written against my libFoo.so.4.0.0 works with libFoo.so.4.21.34 without recompiling the application code. This will, however, slow down development. It would require more testing. I should dope-slap anyone on my team who wants to put a "works best with" disclaimers for a particular distro. > libc, release EVERYTHING statically linked again ? f*ck that ! If we're finding security bugs in libc on a regular basis, we have more serious problems than saving a little time upgrading our programs. -- _ |\_ \| -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
