| 1 |
On Sun, Aug 22, 2021 at 7:18 PM antlists <antlists@××××××××××××.uk> wrote: |
| 2 |
> |
| 3 |
> On 22/08/2021 22:59, Canek Peláez Valdés wrote: |
| 4 |
> > On Sun, Aug 22, 2021 at 3:32 PM <karl@××××××××.se |
| 5 |
> > <mailto:karl@××××××××.se>> wrote: |
| 6 |
> > [...] |
| 7 |
> > |
| 8 |
> > I'll be looking into that, but on some level, why should I be forced to |
| 9 |
> > go around udev. Can't programs be compiled without udev today... |
| 10 |
> > |
| 11 |
> > |
| 12 |
> > Yes, they can, if you (or someone else) write the necessary code, debug |
| 13 |
> > it, maintain it and keep it up to date and fix vulnerabilities and other |
| 14 |
> > errors that inevitably will appear, as it does with every piece of software. |
| 15 |
> |
| 16 |
> What you're missing, is that this code IS NOT USED. |
| 17 |
> |
| 18 |
> The OP wants to delete a load of code from his system precisely to |
| 19 |
> ELIMINATE vulnerabilities. If the code ain't there, it don't need fixing. |
| 20 |
> |
| 21 |
> Yes I take your point, but bloat is bloat, and bloat is a liability. |
| 22 |
> |
| 23 |
|
| 24 |
Sure, and if it is that easy to remove then it won't be a huge time |
| 25 |
commitment for you to maintain your own private fork of the software. |
| 26 |
Still, somebody has to do the work, and since the number of people who |
| 27 |
don't have udev installed is pretty small, chances are it won't be |
| 28 |
somebody else. Of course, you can release your fork as FOSS so that |
| 29 |
others can benefit from it. |
| 30 |
|
| 31 |
Keep in mind that even just removing code does incur the risk of |
| 32 |
making mistakes, and at some point maintaining a fork that almost |
| 33 |
nobody uses also has some risk to it. Don't really want to get into a |
| 34 |
completely hypothetical argument about which is worse - obviously the |
| 35 |
devil is in the details. This is likely why upstreams are mostly not |
| 36 |
interested in supporting building without a requirement of udev. |
| 37 |
|
| 38 |
-- |
| 39 |
Rich |
Archives