
Is there a linux equivalent of PC-BSD[1]?:

_Programs under PC-BSD are completely self-contained and self-installing, in a graphical format. A PBI file also ships with all the files and libraries necessary for the installed program to function, eliminating much of the hardship of dealing with broken dependencies and system incompatibilities._

[1]:http://www.pcbsd.org/index.php?option=com_zoo&view=item&...




but but but....

"you'd have duplication of files!" or "you'd have to update multiple libraries when there's a security patch!"

I didn't know about pcbsd, but I've espoused similar ideas to my linux friends years ago, and was generally met with one of the two objections listed above. I think they're both bad arguments, but it's what I encountered the most.


The problem isn't that you have to update multiple libraries - it's that you have to rely on each application developer to release an update when there's a patch for one of its libraries. That simply won't happen in many cases.


for static compilation, true. if required libraries were bundled with an app, you could replace that one in that location specific to that app and be done, assuming that the app didn't need any extra work done to it to support the new library.

Given that all this discussion largely revolves around open source projects anyway, if a developer didn't update for a new security patch in a library, someone would likely step up to the plate if it was a commonly used app. If it's a niche/minor app, and there's, say, a new version of libssl, if the author isn't making updates, there's no guarantee the app will work with an updated version of an upgraded shared library anyway.


_for static compilation, true. if required libraries were bundled with an app, you could replace that one in that location specific to that app and be done, assuming that the app didn't need any extra work done to it to support the new library._

But it'd still be up to the developer to update the library, no? Otherwise, how is that better than the current situation?

_If it's a niche/minor app, and there's, say, a new version of libssl, if the author isn't making updates, there's no guarantee the app will work with an updated version of an upgraded shared library anyway._

But you don't have to upgrade the version of the library to release security updates: the Security team of Debian backports all security fixes to the library versions in Stable even if the upstream didn't, in order to prevent such breakage.


The library developer updates the library, and if the app doesn't need changes to work with the new library version, he doesn't have to do anything. You could even automate finding all copies of the library and updating them...and keep prior versions around if something breaks.

To avoid relying on app developers at all, put apps in sandboxes where it appears that the libraries are where they've always been.
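
An added example, not part of the thread, of the automation the last comment describes: find every bundled copy of a library, replace the stale ones with a patched build, and keep the prior version for rollback. It assumes bundled copies carry the same file name (soname) as the patched build and that a SHA-256 match means "already patched"; `libfoo.so.1`, the directory names and all function names are constructed for illustration.

```python
import hashlib
import os
import shutil
import tempfile


def sha256(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()


def find_bundled_copies(apps_root, soname):
    """Real files (not symlinks) named exactly `soname`, i.e. the same ABI."""
    return sorted(
        os.path.join(d, n)
        for d, _dirs, files in os.walk(apps_root)
        for n in files
        if n == soname and not os.path.islink(os.path.join(d, n))
    )


def update_stale_copies(apps_root, patched_lib, dry_run=True):
    """Classify each bundled copy; with dry_run=False also replace stale ones."""
    want, report = sha256(patched_lib), {}
    for path in find_bundled_copies(apps_root, os.path.basename(patched_lib)):
        have = sha256(path)
        report[path] = "current" if have == want else "stale"
        if have != want and not dry_run:
            # Keep the prior version beside the new one for rollback.
            shutil.copy2(path, f"{path}.prev-{have[:12]}")
            shutil.copy2(patched_lib, path + ".new")
            os.replace(path + ".new", path)  # atomic swap, same filesystem
            report[path] = "updated"
    return report


def demo_tree():
    """Constructed sample: two apps bundle libfoo.so.1; app-a's is outdated."""
    root, src = tempfile.mkdtemp(), tempfile.mkdtemp()
    files = {os.path.join(root, "app-a", "lib"): b"old build",
             os.path.join(root, "app-b", "lib"): b"patched build",
             src: b"patched build"}
    for d, body in files.items():
        os.makedirs(d, exist_ok=True)
        with open(os.path.join(d, "libfoo.so.1"), "wb") as f:
            f.write(body)
    return root, os.path.join(src, "libfoo.so.1")


if __name__ == "__main__":
    print(update_stale_copies(*demo_tree()))  # dry run: report only
```

The dry run is the inventory step: it shows which applications still ship an unpatched copy before anything is changed.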



