On 9/6/05, Frank Küster <[EMAIL PROTECTED]> wrote: > Justin Pryzby <[EMAIL PROTECTED]> wrote: > > > Could someone else also comment on how applications should deal with > > shared libraries which are not intended to be used by other programs? > > If they aren't used by other programs, there's no need to produce a > library. Perhaps it's convienient to create static libraries during > compilation and link against these, but shared libraries are of no use.
there are two executables in the resulting package: qingy and qingy-DirectFB, so probably the library is a good choice (but in the same package. > Note that I wrote "if they aren't used by other programs". I didn't > write "if they are not intended to be used", this is a different thing. > If you have code in your project that fits other people's needs, they > are going to use it. If there is no shared library, they'll just copy > the code. > > Don't let that happen. xpdf has let this happen, and it makes up a > medium-sized security nightmare: Everytime a security bug pops up in > xpdf (and it does frequently), a couple of packages which come with > their own particular version of that code have to be > > - checked whether that version is vulnerable > > - checked whether in that version the patch for current xpdf is > sufficient to fix the issue > > - recompiled > > So it doesn't hurt to prepare your software for being a shared libray, > and telling people that they should request that instead of copying your > code. > > Regards, Frank > -- > Frank Küster > Inst. f. Biochemie der Univ. Zürich > Debian Developer > > -- Regards, EddyP ============================================= "Imagination is more important than knowledge" A.Einstein
