[nycbug-talk] ports systems. . .

[Marc Spitzer]

On Mon, 06 Sep 2004 11:28:47 -0400 (EDT)
Louis Bertrand <louis at bertrandtech.ca> wrote:

> Maybe a bit off topic, but I'm getting annoyed at the ports concept
> because of the shared library aspect. If a ports tree gets a bit
> crufty, you start getting problems with shared libraries falling out
> of sync or, if you want to update the shared lib to build a new port
> you end up having to update all the ports that depend on it (woe to
> you if any are broken at the time).

This would lead to major security issues, it would be a nightmare of
wasted time to even attempt to track accurately what you actually have
installed on you system.  Think about it you would need to know the
version of libXYZ that is compiled into each application that uses it
*and* what are the security issues for each version.  And that is just
to have some idea what is needed to even take corrective action.  It
would be admin/management by 1000 cuts.  Also this would encourage apps
to start shipping there own version of libXYZ, its all static anyway 
so why not, and that raises its own management problems.  

In some other respects it is not a bad idea and I have been bitten with
the ports tree out of date & bad port issues but all in all it works
well
enough that I am very happy with the system.

marc