On Mon, 24 Jan 2005 10:02:52 -0500, Jeff Spaleta wrote: > And I might add.. that while users and admins.. might want to install > many other apps from anywhere on the net that the find them... this is > not necessarily advisable behavior. You continue to cater to this > sort of thing and you will end up with people install very old > libraries that are no longer being maintained so that they can install > very old applications that are no longer being maintained and could > have unresolved but well understood security problems. I'm really not > sure its in anyones best interest to make it really drop-dead easy to > install unmaintained software that might be expoitable simply because > the package was created in 2000. Wow - 2000 is only 5 years ago guys. There are *lots* of people still running programs designed for Windows 95, which is now 10 years old! Face it: people will run the software they want. If you make it difficult or annoying for them out of a misguided sense that security-through-obnoxiousness is OK, they'll just use Windows which doesn't do much for security at all but at least makes it easy for the user to achieve their goal. The best solution is for libraries to not break backwards compatibility every other week, that way security fixes are magically present even for 5 year old apps. Seriously, 5 years is really nothing, it's all about mindset. thanks -mike
