Slashdot Mirror
Java Fallout: OO.o 2.0 and the FOSS Community
Joe Barr writes "Bruce Byfield has an interesting look at the 'fallout' between OpenOffice.org and the free/open source software communities because of their reliance on Java in the latest release. As he says, "It seems a decision based largely on practical considerations -- and with a disregard for the consequences for both the rest of the free and open source software (FOSS) communities and the future of OpenOffice.org itself." This is an issue that is not going away."
"Java is probably already on most desktop computers." Most computers may have some sort of Java libs, but you have to have the Java Runtime Environment or the SDK for OOo. Most computers do not in fact have this. Microsoft packages its own Java runtimes which, as far as I know are incompatible with OOo, and many linux distros don't package it due to licensing issues. I do agree that OOo is a great office suite and the price is great, but it would be a lot more portable and easier to distribute if it did not rely on Java so much.
From TFA,
"By contrast, Red Hat and Fedora prefer to build OpenOffice.org with the GNU Compiler for Java (GCJ), which is not only a compiler, but also a free JRE. This was Red Hat's strategy with earlier versions of OpenOffice.org, and Red Hat engineers are attempting to continue it. Caolan Macnamara, a programmer at Red Hat, has reported limited success compiling earlier developer builds of version 2.0. However, GCJ is not yet a complete replacement for official releases of Java, and adding patches makes the strategy painstaking and laborious at best."
- vimal
Given that it's perfectly legal to implement a system like Kaffe, given that it exists, that it can be done if you absolutely must, what is the actual issue with using Java in Open Source projects? Lord knows there are _tons_ of FOSS projects written in Java out there...
If the issue is just the Sun license and the "non-official" status of projects like Kaffe, to that I just have to say, guys, get over yourself. If you don't like the Open Office folks writing functionality that depends on Java, write it in C or whatever your self and contribute it. Seriously.
As far as end users? They don't care what something is written in. They want something that works. To that end, placing yet another installation requirement in the chain isn't great, but at the same time, the vast majority of user installations ( including on Linux ) simply aren't complete without a working JVM anyway, so... what's the big deal again?
From the article:
By contrast, Red Hat and Fedora prefer to build OpenOffice.org with the GNU Compiler for Java (GCJ), which is not only a compiler, but also a free JRE. This was Red Hat's strategy with earlier versions of OpenOffice.org, and Red Hat engineers are attempting to continue it. Caolan Macnamara, a programmer at Red Hat, has reported limited success compiling earlier developer builds of version 2.0. However, GCJ is not yet a complete replacement for official releases of Java, and adding patches makes the strategy painstaking and laborious at best.
They're trojans really, not viruses, as they do not spread themselves, usually they act as a vector for installing malware. The most common one takes advantage of a bytecode verifier bug in the MS JVM, which Sun allowed MS to patch in release 3012 (distributed as a critical update to Windows since about 2 years ago), despite being ordered by a court not to continue to release updates to their JVM.
There was a vulnerability with 1.4.2_04 (or maybe _05?) and earlier JVMs recently, but I have yet to see an exploit in the wild. People are probably becoming alarmed because their virus detection is picking up a "virus", since the exploit code was downloaded from a porn or warez site they visited, but if they are running an up to date JVM, then the exploit code was not executed, so its mere presence in the cache is not cause for concern in itself.