[Date Prev] [Date Next] [Thread Prev] [Thread Next] Date Index Thread Index Search archive:
Date:Fri, 27 Feb 2004 21:11:13 +0000 (UTC) 
Subject:Re: 15.53 - Windows Installer Available 
From:bfulg 
Volume-ID: 


--- Jeff Best <jeffb@jtbest.demon.co.uk> wrote:
> My biggest concern is the release of an 
> executable to install a program. I don't know if
> other people worry about the opacity (and hence, 
> risk) of running programs to install things as
> much as I do.

I don't worry about it overly much, especially on
"open source" projects where I can see the sources and
the rules going into a build.

From a security standpoint I agree with you, but if I
was working on a hardened configuraion I wouldn't
install precompiled software at all.

In fact, I might not even use Poplog if it will only
bootstrap via an existing Poplog compiler.  You've no
doubt seen (IIRC) Kevin Ritchie's hack to a C compiler
to recognize when telnet was being built and insert a
back-door...
 
> >Where I could help is on the Linux side, especially
> >with regard to creating a Debian package and
 working
> >on the build process.
> 
> That would be very helpful. I can test whatever you
> produce on a SuSE 
> distribution, and possibly a few others. I can also
> try things on a x86 
> Solaris installation. (Since you seem to be
> developing Debian, this may 
> not be the helpful suggestion originally intended
> ;-)
 
:-)

I see old e-mail from Craig Brozefsky (also a Debian
guy) but don't know what became of his efforts.

> I imagine that for most of the Linuxes a RPM would
> be suitable, or is 
> there some other standard that Debian uses? Perhaps
> we can create a CD 
> ISO image suitable for all the Unix/Linux and
> platforms, and use 
> something like "jigdo" for the download?

Debian uses a format called "deb" that performs a
similar role to RPM.  The RPM and Debian people have
been collarorating off-and-on for a while on a unified
format, but I don't think much real progress has been
made recently.

> I see that you are the lead administrator for the
> Gnu HURD project at 
> SourceForge and have something to do with Debian
> development?

The GNU Hurd project on Sourceforge is mostly dormant.
 The real stuff was moved to the FSF's Sourceforge
work-alike (Subversion).  I'm not doing much with the
Hurd lately.
 
> Perhaps it is time we all introduced ourselves again
> - or better still, 
> for the OpenPoplog team, we should post some biogs
> on the site.
> 

Short Intro:

I'm a software engineer with a firm that develops
banking software.  This work is done on RISC/6000
machines with our newest teller platform running on
Windows web servers (C#/.NET work).  In my spare time
I work on Debian GNU/Linux and play with
"non-mainstream" languages.

I got interest in these odd little languages because
of my experiences working on large software projects
using combinations of C++, VB, and now C# and SQL.  I
was very unhappy with the general quality of the
software produced, with the level of fault-tolerance
of the resulting system, and with how difficult it was
to extend and maintain the source base.  

I started with Scheme and ML (after reading "Structure
and Interpretation of Computer Programs"), which got
me interested in functional languages.  Then I read
some of David Parnas' old papers and begain looking at
Logic-based languages and Constraint Programming. 
Finally, I read some of Joe Armstrongs papers on
Erlang and fault-tolerant software  and took a look at
highly-concurrent systems for robust software.

Poplog looks great to me because it allows
interoperating between several different languages. 
It also seems to have a very efficient implementation
(another big plus).  Finally, it seems to have been
used to create real "people-paid-for-it" applications
that had to survive customer use and had to
demonstrate commercial viability.

So, Poplog seems to have a lot going for it and I
think it's great that people are reviving development
on it.

-Brent