[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Texmacs-dev] appimages

From: Massimiliano Gubinelli
Subject: Re: [Texmacs-dev] appimages
Date: Sun, 29 Nov 2020 13:11:01 +0100

Dear Andrey,
 I understand this. 

On the other hand this is a concert that makes less sense for personal 
productivity software. The distinction of what is a library and what is the 
program is an artificial one. For example one can argue that Guile 1.8 is part 
of TeXmacs now, is not an external library: this is the point of view of the 
GNU Guile team which do not recognize TeXmacs as a program which uses Guile 
(see their home page). Another example: to produce PDF we use a library which 
we just incorportate in our sources. So it is a library or not?

We have of course responsibility to ship reasonably secure software, so if we 
ship AppImages (like we ship .app bundles on Mac, and similar binaries on 
Windows) we have also give a easy way to update to the latest version if 
problems arise.

My point is that we *need* to provide a fallback mechanism for every Linux user 
to be able to install our software on their machine if the like. And easily.

From my point of view is really a shame that the Linux ecosystem is so bad to 
support desktop use of their OS. Even for reasonably literate people takes a 
while to install TeXmacs on these machines (compared to what happens on OSX, 
Windows or even Haiku).

The solution we have now is the statically linked "package", which is not a 
package but a .tar.gz file which one has to decompress and run from the command 
line. To me this is not an acceptable solution for general public.


PS: actually appimages can be *more* secure, because we can ship all the latest 
libraries even on older systems... 

> On 29. Nov 2020, at 05:29, Andrey G. Grozin <A.G.Grozin@inp.nsk.su> wrote:
> AppImage (and similar) have a big disadvantage: if a vulnerability is 
> discovered in any bundled library, it is *not* fixed by the update by the 
> linux distro. The bundled library remains remains vulnerable forever, or at 
> least until the author of the AppImage finds time to fix it. This is the main 
> reason why all linux distros strictly forbid to use bundled libraries in 
> distro packages.
> Andrey
> _______________________________________________
> Texmacs-dev mailing list
> Texmacs-dev@gnu.org
> https://lists.gnu.org/mailman/listinfo/texmacs-dev

reply via email to

[Prev in Thread] Current Thread [Next in Thread]