From owner-freebsd-questions@FreeBSD.ORG Sat Dec 15 01:28:51 2007 Return-Path: Delivered-To: FreeBSD-Questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9C51F16A419 for ; Sat, 15 Dec 2007 01:28:51 +0000 (UTC) (envelope-from modulok@gmail.com) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.188]) by mx1.freebsd.org (Postfix) with ESMTP id 1BBC513C457 for ; Sat, 15 Dec 2007 01:28:50 +0000 (UTC) (envelope-from modulok@gmail.com) Received: by rv-out-0910.google.com with SMTP id l15so1206543rvb.43 for ; Fri, 14 Dec 2007 17:28:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=j+3nOc9HA2fUtaqxnlzEbpkE8Eupn2ZKMbZPg9hqMbI=; b=hlwU5J1f/DVWvOSNWLKvbOfWL852AZugkBVECgFlQ/YTYlHCgpR9GhFZcc6jcyLW6osDwXPMF8uIC5FV+hXjrUu9V5jt/OD/OkXtN6ndUFTZXDBj5wVBYsmNduBu4EWdX51gOwmfwXx0FcBmKo/vgbPcl+I1J5AWQbqG+v4tdso= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=s9A00BzNtTxgzGOHhdHG0/u0GsbM2YBSCLVjI37CrwNhBh3CbxAtBHbp2ADtlHmlkwt9X2de47zRxW95QHPy5aTMmlAfxqzPt2tTYuSkot7+SecjXfm9AAsz8w3Q6RfXYjZSse+p29KoQbqLtvlJQIPABQzJ2CULlpKlI9QMM6A= Received: by 10.141.15.19 with SMTP id s19mr2382744rvi.75.1197682130363; Fri, 14 Dec 2007 17:28:50 -0800 (PST) Received: by 10.70.70.2 with HTTP; Fri, 14 Dec 2007 17:28:50 -0800 (PST) Message-ID: <64c038660712141728h7fe4d10bt2fbe148533f6707e@mail.gmail.com> Date: Fri, 14 Dec 2007 18:28:50 -0700 From: Modulok To: "Ted Mittelstaedt" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20071214164358.5D01A13C461@mx1.freebsd.org> X-Mailman-Approved-At: Sat, 15 Dec 2007 02:16:55 +0000 Cc: samba@lists.samba.org, WD@us-webmasters.com, Timur@freebsd.org, remko@freebsd.org, FreeBSD-Questions@freebsd.org Subject: Re: Yikes! FreeBSD samba-3.0.26a_2, 1 is forbidden: "Remote Code Execution... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 15 Dec 2007 01:28:51 -0000 On 12/14/07, Ted Mittelstaedt wrote: > > This happens from time to time with the FreeBSD ports system, and > there isn't any way to avoid it. Most open source software > today is written to depend on other open source software > packages. People don't like spending programming time > reinventing the wheel. As a result you have a large dependency > list which has deep roots as the dependent programs themselves > have even more dependencies. If just one single program in > that mess gets updated it will affect entire trees and many > other programs. > Which is ever so irritating... In 40 years of lessons learned from the school of hard knocks in relation to the design and evolution of both programming languages and the software designs they implement, one truth has emerged: data hiding increases the robustness of a program. Functions hide data, classes hide data, namespaces hide data, the very concept of scope, hides data. Yet, when we pull back and look at a slightly larger picture of the interactions of programs themselves, we fail short of carrying this idea through to a higher level. Package X depends on package Y, but package Y depends on package Z, but package Z cannot be installed because of a name conflict with package W. Update program X and you could break what appears to be an un-related program J. Tough luck. Code re-use is a good thing. Intricate, far-reaching dependencies are not. While package managers attempt to mitigate the underlying issue, using code re-use as an excuse for the fragility of a system design, is unfortunate. I do not pretend to have all of the answers, but I feel that current state of things could be much improved. That said, I think the volunteers, such as the package maintainers, are doing an excellent job within the confines of the system they are bound to. Sorry if this is off topic in relation to the samba issue, but one of the replies hit a sore spot of mine. I had to spill a few lines of my own. -Modulok-