> The cost is the time spent building the system .... so it really depends
> on your needs.
I disagree. This is a mariginal cost, as I would suspect in a production
environment you wouldn't be building the system from scratch very
regularly. However, I think a very real and oft ignored cost is the one
of complete uniqueness. When you build a system from scratch that means
you are the ONLY person on the planet that has that system. For a
production quality system this is extremely dangerous.
We state over and over the values of "more eyes reviewing code" in the
Open Development process. Why do we not hold the same virtues for
cohesive systems. If I have 20,000 people running the same binary,
chances are if there is some "odd" bug that more than one of those people
is reproducing it. Thus, helping me eliminate it. If all 20,000 people
compiled that source with different compilers flags and same for all it's
dependencies. I very well may never be able to recreate it. BTW: I use
this same argument for building one's own kernels on production machines.
It is not an anti-gentoo thing.
Can you imagine if Ford Motor Company shipped vehicles out as a pile of
parts and you found your own mechanic to assemble it? I suspect we
wouldn't see many 10year / 100,000mile warranties offered. ;)
That said it is great to have options and I think its cool to be able to
compile own desktop to do some wicked stuff, but I suspect if it is
important enough for you to compile thigns to get extra flags for
security, that you realize you are opening a whole other mess of security
problems by custom compiling things and circumventing peer review?
-Derek
(text/plain)