Linked by Thom Holwerda on Fri 10th Apr 2009 15:43 UTC, submitted by Alexander Yerenkow
PC-BSD, the desktop-oriented FreeBSD variant, has released version 7.1, dubbed Galileo. In case you don't know, PC-BSD is a FreeBSD distribution with lots of customisations focussed on the desktop user. Its most defining feature is the Push Button Installer, a self-contained package format with handy installers/uninstallers. PC-BSD 7.1 comes loaded with changes and updates.
RE: PBI's
by Doc Pain on Fri 10th Apr 2009 21:07 UTC in reply to "PBI's"
Doc Pain Member since:
2006-10-08

While PBI's offer a way for users to install software without downloading extra dependencies or offline package installation, it also has a drawback. Every package you install comes with all their dependencies and you will end with a lot of space spent in duplicate libraries.


Please see the implication: Let's say programs A, B and C depend on library L, and due to a security update L has been updated to L'. On a regular FreeBSD system, you would update L to L' and everything's fine. On PC-BSD, it isn't that easy. PBI maintainers would first have to create PBI packages A', B' and C' that include L' instead of L, and then you would need to download and install them - manually.

But I'd like to say that the average desktop user (the main target audience of PC-BSD in my opinion) would not care for such updates.

So while efficient at ease of installation, it is inefficient at disk space usage.


I'd say that's no problem today, hard disks are large enough. Furthermore, you'll need a quite up-to-date PC to run PC-BSD, so there will be a huge hard disk inside.

But for people coming from Windows and Mac worlds it's a very good alternative.


Yes, it is. And they get a full-featured UNIX under the hood. Wait a moment, isn't that what Mac OS X users already have? :-)

Reply Parent Score: 3
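
The A/B/C scenario from the comment above, as an added example that is not part of the original thread and is not PC-BSD's own tooling: a Python check that walks self-contained application directories and lists which ones still carry a private copy of library L older than the fixed L'. The one-directory-per-bundle layout, the versioned `libL.so.x.y.z` file names and the version numbers are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Assumption: bundled libraries keep a versioned file name such as libL.so.1.0.1.
SO_RE = re.compile(r"^(lib\w+)\.so\.(\d+(?:\.\d+)*)$")

def parse_version(text):
    """Turn '1.0.2' into (1, 0, 2) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def find_stale_bundles(programs_root, lib, fixed):
    """Map each bundle that ships `lib` older than `fixed` to the version it carries."""
    stale = {}
    for bundle in sorted(os.listdir(programs_root)):
        for _dir, _subdirs, files in os.walk(os.path.join(programs_root, bundle)):
            for name in files:
                m = SO_RE.match(name)
                if m and m.group(1) == lib and parse_version(m.group(2)) < parse_version(fixed):
                    stale[bundle] = m.group(2)
    return stale

def build_sample_tree(root):
    """Constructed sample: A and B still bundle L, C was rebuilt with L', D never used L."""
    layout = {
        "A": ["bin/a", "lib/libL.so.1.0.1"],
        "B": ["lib/libL.so.1.0.1", "lib/libM.so.2.4"],
        "C": ["lib/libL.so.1.0.2"],
        "D": ["lib/libM.so.2.4"],
    }
    for bundle, paths in layout.items():
        for rel in paths:
            full = os.path.join(root, bundle, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            open(full, "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        # L' is taken to be version 1.0.2 (constructed value).
        for bundle, version in find_stale_bundles(root, "libL", "1.0.2").items():
            print(f"{bundle}: bundles libL {version}, needs a rebuilt package")
```

With shared libraries the same fix is a single update of L; here every bundle in the returned mapping has to be rebuilt and reinstalled before the old copy is gone.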

RE[2]: PBI's
by foldingstock on Sat 11th Apr 2009 00:42 in reply to "RE: PBI's"
foldingstock Member since:
2008-10-30

Please see the implication: Let's say programs A, B and C depend on library L, and due to a security update L has been updated to L'. On a regular FreeBSD system, you would update L to L' and everything's fine. On PC-BSD, it isn't that easy. PBI maintainers would first have to create PBI packages A', B' and C' that include L' instead of L, and then you would need to download and install them - manually.


This is why the PCBSD maintainers included a very nice, user-friendly PBI update utility. The system periodically checks for updates. When updated PBI's are found, the user is notified and the PBI's can be automatically downloaded.

No manual work needed on the user end. ;)

Reply Parent Score: 2

RE[2]: PBI's
by papertape on Mon 13th Apr 2009 15:04 in reply to "RE: PBI's"
papertape Member since:
2008-05-04

The potential difficulty you point out with multiple updating of applications versus single updating of the affected library is real, and has been mentioned several times in connection with PC-BSD's approach.

The approach taken by PC-BSD (outlined in the other response to your post) is one way of trying to ensure that all occurrences are updated painlessly.

But I also wonder just how much the situation you describe occurs in practice. Usually, library code is written by more experienced (and hopefully more careful) coders. It is also the most examined. Not saying they don't have vulnerabilities, obviously they do. But at a far lower rate than applications.

For example, take a look at FreeBSD security advisories:

http://www.freebsd.org/security/advisories.html

Not too many instances of library problems, almost entirely application code. So I don't think the PC-BSD vulnerability is that much greater than a regular FreeBSD system. Of course, if a popular library is affected, then the potential exposure is far greater, as you point out.

Reply Parent Score: 1