[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Python talks at DebConf

On 08/05/10 06:41, anatoly techtonik wrote:
> 80kb of duplicated
> code (even 8Mb) doesn't worth wasted time for troubleshooting in 2010.
> It may be a reason for security, but why not just let packages
> register their used version in Debian registry and track it there?

Because if there's a security hole in that code, you would need to make a lot of
DSAs (see the recent problem with expat that was embedded in a lot of places).
That's even worse than statically linking, since those embedded copies are forks
of their original upstream many times.


Reply to: