Reply to post: Re: Snap Packages

A perfect marriage: YOU and Ubuntu 16.04

Anonymous Coward
Anonymous Coward

Re: Snap Packages

Snaps don't sound like that good an idea to me. It's not unusual for an application's security problems to be the fault of one of the libraries that it uses (for example a jpeg library for a Web browser).

With apt you just update the single version of the library that's installed on your system. If that broke something that simply applied pressure on package maintainers and app developers to keep things up to date. But at least the buggy library had been expunged from your system and you'd be safe.

Now with snaps it sounds like it might be difficult to ensure that a buggy and dangerous library dependency has actually been removed from a system. Snaps will make it easy for maintainers to be lazy with keeping things up to date, and that's never good for security. Furthermore it may be difficult to stop an old and dangerous dependency coming back into a system simply by installing a poorly maintained application that still includes it. Not great.

They may be thought about and solved these problems, but it's now something I'll have to go and read up on and check out instead of just using it. An if they've got it wrong then it becomes a major security headache instead of being a useful tool.

It's also how Windows does dependencies. Microsoft resolved the DLL hell problem by simply allowing apps to install different versions of DLLs. You end up with multiple versions of common DLLs, which totally misses the whole point of a DLL or shared library.

And why the hell does anyone think it's a good idea to have competing package management systems on a machine? It's bad enough now without introducing yet more fragmentation. Previously you'd simply search apt, and then fetch a tarball if what you wanted wasn't in the repository. Now it's a case of looking for a snap, in apt, wondering which to choose if it's in both, etc. This isn't going to help the world solve the problem of which way to package software.

Snaps and SystemD, it's like the Linux community is engaged in a head long rush to mimic Windows in every way conceivable having spent the best part of three decades slagging it off. With Gnome seemingly hell bent on removing everything that was useful (file time stamps in a file manager?) Linux is rapidly becoming a place that I don't want to be any longer. In fact there's a lot about it now that is fairly shitty and getting worse.

Microsoft?

If MS can make their support for Linux userland work well (early signs are good) we might be in the bizarre situation where the best place to run open source software is Windows, not Linux.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon