lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

The barnacle I was referring to was the awkwardness of the whole process, not the fact that it is security concious. Deployment should be easy not indeciperably hard. Regardless of which, documentation on said subject and error messages related thereto should also be explicit and clear. As I've already indicated, I have not found that to be the case.
Given that linking with the dynamic CRT libraries has always worked in the past, to switch to a new system that uses an identical method but which breaks completely absent the specific version of the dynamic CRT library (even with the same name) is dire. The fact it is so dire and that so many competent software engineers are confused by this "deployment issue" is testament to how horrible the whole thing is. 

They should at least give you the option:

Version X.YZ of the Microsoft dyanmic CRT 8.0 is required. "
Version X.YZ is not present but a compatible version W.YZ is available.

Would you like to use it? They may be security issues with this choice.

	[Yes] [No]
For *most* people they'd be able to continue working OK, if slightly interrupted. I'm sure some people would think the above option is vomit inducing. I'm thinking of it as the desktop equivalent of the Internet Explorer Active X warning. I'm not delighted by the above suggested option either but it keeps people working. THey could have added an option to the manifest that specifically would allow/deny such an option depending on how important the DLL was (in the case of the MS CRT, which is pretty much unchanging from release to release it would be "allow").
Anyway its moot, they've done it and people have to live with it (I felt the same way about the awful Visual Studio 7.0 that was such a gigantic leap backwards in usability compared to VS 6.0). 

Stephen

Stefan Sandberg wrote:
I disagree, I think it's a very good thing to be able to specify my executable's dependencies and security, and in the case of dll's & libraries, have it present itself properly to others. I might not agree with the syntax & method used either, but it has a very good purpose.