[OM Cooker] Discussions around new packaging formats
Bernhard Rosenkraenzer
bero at lindev.ch
Mon Jun 27 09:55:34 EDT 2016
Hi,
On 2016-06-26 23:17, Maik Wagner wrote:
> I noticed a couple of discussions on the German Linux News Sites such
> as heise.de or pro-linux.de that package management is apparently
> changing. Instead of the rpm/yum or dpkg/apt-get discussions there
> seem to be some new contenders: Snappy, Flatpack, AppImage etc.
From where I stand, those things are a major step backward.
Essentially they come down to Windowsism like "Bundle every library with
every application" as opposed to "have 1 system wide copy of every
library, make everything use that".
The idea behind that is great from the perspective of a (particularly
non-free) ISV (always have the exact version of a library you've checked
out, possibility to patch every library or depending service to death),
regardless of what you're running on.
But from the perspective of a system maintainer it is a horrible idea
(security bug in glibc -> replace every single package, keep getting bug
reports about something that has been fixed in a commonly used shared
library ages ago because some applications still bundle the old version,
...)
From the perspective of a malware developer, it's a great idea, you get
to hide malware/spyware/... in any library instead of having to deal
with the fact that distro developers look at libraries and patch out
malicious behavior if any. As long as you can get one package developer
to use your copy of the library, your stuff goes in.
From an end user perspective, you get more bugs, more bloat and far less
memory efficiency.
It probably can't hurt to allow installing those new package formats so
people can use whatever non-free stuff gets released there - but I think
adopting them beyond the point of "compatibility with other people's
packages" would be a really bad idea.
ttyl
bero
More information about the OM-Cooker
mailing list