1 |
On Sun, Aug 22, 2021 at 7:18 PM antlists <antlists@××××××××××××.uk> wrote: |
2 |
> |
3 |
> On 22/08/2021 22:59, Canek Peláez Valdés wrote: |
4 |
> > On Sun, Aug 22, 2021 at 3:32 PM <karl@××××××××.se |
5 |
> > <mailto:karl@××××××××.se>> wrote: |
6 |
> > [...] |
7 |
> > |
8 |
> > I'll be looking into that, but on some level, why should I be forced to |
9 |
> > go around udev. Can't programs be compiled without udev today... |
10 |
> > |
11 |
> > |
12 |
> > Yes, they can, if you (or someone else) write the necessary code, debug |
13 |
> > it, maintain it and keep it up to date and fix vulnerabilities and other |
14 |
> > errors that inevitably will appear, as it does with every piece of software. |
15 |
> |
16 |
> What you're missing, is that this code IS NOT USED. |
17 |
> |
18 |
> The OP wants to delete a load of code from his system precisely to |
19 |
> ELIMINATE vulnerabilities. If the code ain't there, it don't need fixing. |
20 |
> |
21 |
> Yes I take your point, but bloat is bloat, and bloat is a liability. |
22 |
> |
23 |
|
24 |
Sure, and if it is that easy to remove then it won't be a huge time |
25 |
commitment for you to maintain your own private fork of the software. |
26 |
Still, somebody has to do the work, and since the number of people who |
27 |
don't have udev installed is pretty small, chances are it won't be |
28 |
somebody else. Of course, you can release your fork as FOSS so that |
29 |
others can benefit from it. |
30 |
|
31 |
Keep in mind that even just removing code does incur the risk of |
32 |
making mistakes, and at some point maintaining a fork that almost |
33 |
nobody uses also has some risk to it. Don't really want to get into a |
34 |
completely hypothetical argument about which is worse - obviously the |
35 |
devil is in the details. This is likely why upstreams are mostly not |
36 |
interested in supporting building without a requirement of udev. |
37 |
|
38 |
-- |
39 |
Rich |