nuke cygwin legacy?

Andrew Schulman schulman.andrew@epamail.epa.gov
Wed Feb 6 18:16:00 GMT 2013


> On Tue, 05 Feb 2013 20:56:42 +0100, Erwin Waterlander wrote:
> > It doesn't matter that it is not secure.
> 
> Yes, it does.  IMHO it is irresponsible on our part to distribute
> unmaintained or knowingly vulnerable software, and it reflects badly on
> the Cygwin project.

I disagree.  The reason to offer it is that it can still provide a lot of
value on machines running those obsolete OSes.  I don't think that reflects
badly on the project, quite the opposite.  If, G** forbid, I ever had to
work for some reason on an old machine running Win98 or ME, the very first
thing I'd do would be to install Cygwin 1.5 on it, and be grateful that I
still could.

I think it's reasonable to offer 1.5 with a warning that it's provided as
is, unmaintained and unsupported, only for systems still running the
obsolete Win9x series.

Let's remember that the Win9x series is itself unmaintained, unsupported,
and without security updates.  Anyone still running it ought to know that
by now, and running Cygwin 1.5 wouldn't appreciably change it.

Finally, even when those OSes were new, they had negligible security built
into them.

Andrew



More information about the Cygwin-apps mailing list