--- Jeff Best <jeffb@jtbest.demon.co.uk> wrote:
> My biggest concern is the release of an
> executable to install a program. I don't know if
> other people worry about the opacity (and hence,
> risk) of running programs to install things as
> much as I do.
I don't worry about it overly much, especially on
"open source" projects where I can see the sources and
the rules going into a build.
From a security standpoint I agree with you, but if I
was working on a hardened configuraion I wouldn't
install precompiled software at all.
In fact, I might not even use Poplog if it will only
bootstrap via an existing Poplog compiler. You've no
doubt seen (IIRC) Kevin Ritchie's hack to a C compiler
to recognize when telnet was being built and insert a
back-door...
> >Where I could help is on the Linux side, especially
> >with regard to creating a Debian package and
working
> >on the build process.
>
> That would be very helpful. I can test whatever you
> produce on a SuSE
> distribution, and possibly a few others. I can also
> try things on a x86
> Solaris installation. (Since you seem to be
> developing Debian, this may
> not be the helpful suggestion originally intended
> ;-)
:-)
I see old e-mail from Craig Brozefsky (also a Debian
guy) but don't know what became of his efforts.
> I imagine that for most of the Linuxes a RPM would
> be suitable, or is
> there some other standard that Debian uses? Perhaps
> we can create a CD
> ISO image suitable for all the Unix/Linux and
> platforms, and use
> something like "jigdo" for the download?
Debian uses a format called "deb" that performs a
similar role to RPM. The RPM and Debian people have
been collarorating off-and-on for a while on a unified
format, but I don't think much real progress has been
made recently.
> I see that you are the lead administrator for the
> Gnu HURD project at
> SourceForge and have something to do with Debian
> development?
The GNU Hurd project on Sourceforge is mostly dormant.
The real stuff was moved to the FSF's Sourceforge
work-alike (Subversion). I'm not doing much with the
Hurd lately.
> Perhaps it is time we all introduced ourselves again
> - or better still,
> for the OpenPoplog team, we should post some biogs
> on the site.
>
Short Intro:
I'm a software engineer with a firm that develops
banking software. This work is done on RISC/6000
machines with our newest teller platform running on
Windows web servers (C#/.NET work). In my spare time
I work on Debian GNU/Linux and play with
"non-mainstream" languages.
I got interest in these odd little languages because
of my experiences working on large software projects
using combinations of C++, VB, and now C# and SQL. I
was very unhappy with the general quality of the
software produced, with the level of fault-tolerance
of the resulting system, and with how difficult it was
to extend and maintain the source base.
I started with Scheme and ML (after reading "Structure
and Interpretation of Computer Programs"), which got
me interested in functional languages. Then I read
some of David Parnas' old papers and begain looking at
Logic-based languages and Constraint Programming.
Finally, I read some of Joe Armstrongs papers on
Erlang and fault-tolerant software and took a look at
highly-concurrent systems for robust software.
Poplog looks great to me because it allows
interoperating between several different languages.
It also seems to have a very efficient implementation
(another big plus). Finally, it seems to have been
used to create real "people-paid-for-it" applications
that had to survive customer use and had to
demonstrate commercial viability.
So, Poplog seems to have a lot going for it and I
think it's great that people are reviving development
on it.
-Brent
|