On Mon, 24 Jan 2005 09:15:14 -0500, Sean Middleditch <elanthis@xxxxxxxxxxxxxxx> wrote: > We _have_ had this problem, btw. The problem is that it's not generally > developers that notice it. It's the user that just want to have their > machine work. I go to install third party app Foo from Foo's web site, > it needs libbar.so.2, Fedora only has libbar.so.1, and many other apps > on the net require libbar.so.1. A third part website is packaging libbar.so.2 in a package of the same package name as Feodora's libbar.so.1? Why would a third party site do that? Unless the intention was to replace the Fedora package? Isn't this an example of the care 3rd party packagers should be taking to make sure their packages work well with Core? And I might add.. that while users and admins.. might want to install many other apps from anywhere on the net that the find them... this is not necessarily advisable behavior. You continue to cater to this sort of thing and you will end up with people install very old libraries that are no longer being maintained so that they can install very old applications that are no longer being maintained and could have unresolved but well understood security problems. I'm really not sure its in anyones best interest to make it really drop-dead easy to install unmaintained software that might be expoitable simply because the package was created in 2000. -jef
