Debian "developers" don't "develop", the software. Debian mainly provide the packaging tools and infrastructure.  The package maintainers attempt to fix bugs, but they are usually reliant on patches from upstream.

This is where the OP's argument is most misguided. Debian don't "quality control" every single line of code that makes up a source package, which is in turn packaged and then becomes a Debian release. Due to the nature of the "freeze", Debian releases with numerous bugs and receives ongoing fixes during the lifetime of a release. Sime bugs are never fixed.

Devuan and other derivatives inherit those. Except for maybe Ubuntu, none of the derivatives have the man power to go it alone.

So Debian and by extension Devuan, are not actually responisble for any bugs in the upstream software they may provide. Really this would be better as a detailed bug report to the developers of SLiM.

Looking at the earlier posts in this thread, with respect to /usr/local and /opt :

I know of no OS that uses /opt according to older FSH documenation. There might be, but it's none of the BSDs, macOS or any Linux distribution that I have come across. That same site also has the section for /usr/local and describes its historic purpose and its use today.

Nowadays /opt is for software that fits the description "self contained binary distribution". e.g. the Mozilla Firefox binaries.

/usr/local is for software you compile locally and install into a structure that matches /usr . The idea there is that your locally compiled version doesn't clobber the version provided by the OS. This is exactly how FreeBSD and OpenBSD ports are installed.

So I'm not sure installing packages into /usr/local makes any sense.

If I'm going to go to great lengths to package something, then I'm going to install it into /usr and I'm going to ensure dependencies are handled, and that I have correct conflicts in place to ensure I'm not overwriting anything. However I might not do any of the above, and we're back to where we were 10 + years ago with those user created Ubuntu packages which were frowned on by Debian users. This is why the likes of flatpak and snap appeared...

Otherwise I'm not going to bother packaging it in the first place.

You can drill down to get that info. My point is that, Debian is actually not this pinnacle of design and engineering that some believe it to be. It's the approach of freezing at these specific package versions and then patching, that creates many of these problems, then the backporting of "upstream" security patches to older versions has been shown to be unreliable time and again - i.e. those patching not understanding what they're patching, and not factoring in upstream changes in newer versions and their dependencies which could render the patch useless or detrimental (it has happened).Then there are the plethora of bugs which remain unfixed for the lifecycle of a release, because they either can't be easily fixed without upgrading components to newer versions or there is no one willing/able to do the work.

sudo-rs (sudo rewritten in rust) has had few recent vulnerabilities:

https://security-tracker.debian.org/tra … st-sudo-rs
https://ubuntu.com/security/notices/USN-7867-1

I must have missed the "constructive criticism".

There will probably never be a "Year of the Linux Desktop", because desktops and by extension laptops which run a consumer OS such as Windows or macOS are developed for profit first and foremost and to hold a users hand through normal usage, installtion of software, configuration and setup. That is to say that they are designed and engineered to meet the demands of a customer - and underlying complexity isn't a problem for such OS so long as the UI and getting things installed and working is "easy". The large teams develping such an OS are well paid and the people using it almost always pay for it, either with their money or their data. This model doesn't translate to FOSS software developed by volunteers, who don't service customers at all.

A "free" OS is a whole different ball game: No one is going to develop "Desktop Linux" completely for free - for people who want a Windows/macOS experience, if there are no rewards for doing so - which is why it hasn't happened to date.

Of the projects making the biggest strides in that direction, such as systemd, gnome, KDE, wayland, etc - they have attracted criticism from certain quarters for particular design decisions, increased complexity and/or corporate funding/influence.

Undortunately any efforts towards Linux on the desktop nowadays will be corporate backed aside from simple Window managers. There is the conundrum. To avoid this move away from UNIX style KISS philosophy, means embracing simpler software such as window managers and using the terminal - you can't have it both ways... well you can, but you need to get the skills to do it yourself.

Always easy to blame those people who presumably should have developed and maintained 23 year old software for free...

Be aware: https://lists.debian.org/debian-devel/2 … 00288.html

Rust is already a hard requirement for all except those obscure architectures that are referenced

Rust is a fad and it's adoption has slowed, but "memory safe" is now a thing, regardless of what happens with rust in the future.

Actually they can and they have. You should refer to the licences of the Linux kernel and systemd in particilar, both corporate funded and managed projects.

By contrast, look at projects like OpenBSD, NetBSD and FreeBSD where there are donations, but zero or far less corporate reps steering things. All of those are permissive licenced. The main difference is that when e.g. Apple wanted to use code from any of those and include it in their OS, they just did that - they had no need to implant their own people, pay for things and take control - as the likes of MS, facebook, IBM, Microsoft, etc have done with the Linux Foundation.

Debian is the base system for Ubuntu, shares many of the same "developers" and maintainers, culture, etc.

Donald is doing a great job of deterring anyone of above average intellect from visiting the site - he should be welcoming bots, not excluding them...

debianuserforums.org has been gone for years now.

I was attempting to point out that sudo's record for vulnerabilities is considerably better than that of the Linux kernel, for example.

I think sudo has a bad press because of the association with Ubuntu - even though it was actually developed by an OpenBSD developer and the Ubuntu default configuration of sudo actually makes no sense, unless one specifically wants the auditing - otherwise su will suffice.

Aside from the above, sudo makes sense in settings where you want to alliow someone to carry out a specific task, which requires root privileges, without giving them root.

@zapper, two important points:

Most people do not make informed choices based on engineering and good design - after having gained an understanding. They make uninformed decisions based on marketing, and have little understanding of the software. Chrome was marketed to the majority of people who know zero about FOSS anyway, and to such people Chrome is "free". To FOSS users and developers, the underlying chromium/blink is "open source", and Mozilla were busy destroying themselves from the inside out, so chromium's ascent, not just as Chrome, but as a new base for most browsers outside of Apple, and many "apps", was assured.

The mozilla corporation and foundation are to blame for this. They're not trying to take back market share / mind share and are focused on the wrong things. They surrendered to chromium, due to who pays the bills. I'm was surprised that firefix didn't rebase on chromium long ago... but then you have to remember this would fuel a true fork, which the paymasters don't want - so leaving the thing on life support and mismanaged by clowns was the best strategy.

Back on topic.

I don't see gnome project's actions and future plans as anything new or startling.

gnome is developed by people either in the corporate employ and/or under corporate direction. I have honestly never understood or seen the point in it, but there it us. It has been developed and offered as a brand/product for over a decade now and most people who have been using Linux for a few years will know whether or not they want to use it or avoid it altogether.

gnome project developers famously stated on their mailing lists that they wanted to restrict themining, installing and choosing non default applications and modifying the appearance.  It's a stated goal of the project that someone looking over the shoulder of a gnome user can instantly see that they are using gnome (as is the case with Windows or macOS).

For the gnome project, the old "we're dropping support for xyz [to push users onto abc] because of [all these man power and maintenance related reasonings]" is just normal day to day workflow. Your only choice is to vote with your feet. As you will learn from the OpenBSD project: if you're not a developer, you don't get to make the decisions - we are "along for the ride".