Python and IDEs [was Re: Python 3 is killing Python]
Michael Torrie
torriem at gmail.com
Fri Aug 1 16:22:20 EDT 2014
On 08/01/2014 08:39 AM, Chris Angelico wrote:
> The installer has basically three choices.
> 1) Install libnettle inside the application directory
> 2) Install libnettle to some system library directory
> 3) Don't install libnettle, and demand that someone else (perhaps the
> user, or the system package manager) install it.
>
> Option 1 results in duplications. (Unless one application is allowed
> to access a library in another application's directory, which is a
> HORRIBLE mess.) Option 2 is exactly what you're complaining about,
> scattering files all over the FS. And option 3 is what package
> managers are for. What are you advocating?
Option 1 also is a huge security hole. A prime example of this was the
so-called heartbleed bug. In such a model, each app that distributes
openssl in the app bundle has to be updated or it is at risk. This
turns out to be a huge vulnerability.
More information about the Python-list
mailing list