by lectrick 4086 days ago
1) it puts software into /usr/local, in userland, which is safer from both an OS stability and security perspective, since 99% of installable software doesn't deserve to run as root anyway. And then it modifies the PATH so that the OS first looks there, making it supersede any OS-installed packages.

2) it uses git

3) it has a really nice Ruby DSL (probably lost on you)

4) as I've mentioned elsewhere here, I've OFTEN hung my Linux distros on the next boot by doing a simple "apt-get update". This has NEVER happened in years of using Homebrew.

5) If you Linux folks had any sense of design (software or otherwise) to begin with, your OS wouldn't be primarily relegated to the backend, so the fact that you're one of dozens of people repeating the same "we don't need another package manager" doesn't surprise me in the least, because you guys wouldn't recognize a better design if it pulled up to you in a bus like this: https://www.youtube.com/watch?v=sLB-uMPj27s

3 comments

1) So /usr/local is now writable by users? Most software doesn't run as root regardless of where it's installed... I think you mean that you can install into a user prefix without admin privileges, which does make sense for certain packages (if different users require different versions, or something like that).

You can probably accomplish something similar with yum/rpm though by using the downloadonly plugin and using relocatable rpm's (though probably most distro rpm's are not relocatable, but that doesn't stop someone from creating a custom repository of relocatable rpm's and offering a script that does something like yum-downloader --resolve --destdir=~/.myrpms ; rpm --prefix=~/.local/ --dbpath=~/.myrpmdb -Uvh ~/.myrpms/* )

2) So? A repository of rpm specs or the debian equivalent could also be stored in git...

3) Maybe that's nicer, but it could probably build a .spec file (or the debian equivalent) as well in the same DSL which would be superior.

4) Probably because you never installed a kernel or other system package using homebrew

5) Yes homebrew, a third-party hacky collection of scripts necessary because OS X does not provide basic tools for managing software, is an example of superior OS design by Apple?

1) Putting everything in /usr/local is far less secure as that means it's world writable (oh, my version of bash just overwrote yours, and I added some extra patches ;) ). If it's just in the user's home directory, it's all running as the same user, which is far FAR less secure, now you don't even need privilege escalation to access everything, it's already owned by the same user. Also good luck running anything on standard ports like that. As far as stability, anything that could realistically affect stability can't be installed or run as an unprivileged user anyways. All that being said, with yaourt and makepkg, you can do the same thing, I'm sure there's ways for other systems. Also userland doesn't mean what you think it means.

2) You have yet to show why that's a good thing, but https://aur.archlinux.org/packages/?O=0&K=git so what?

3) makepkg has a really nice Bash DSL (probably lost on you) (and also a load of really nice docs)

4) You have indeed mentioned that everywhere, but don't seem to realize that generally software that can hang your "Linux distros on the next boot by doing a simple "apt-get update"" can't be installed or (directly) run as a non-privileged user. Have fun with your grub install in /home, let me know how that hangs on the next boot. Also I wasn't aware that updating a package list modified anything but the package list, but hey, if you say so.

5) If you Arrogant folks (can't even say mac folks, most are reasonable) had any sense of functionality (software or otherwise) to begin with, your OS wouldn't be primarily relegated to a status symbol, so the fact that you're one of the dozens of people repeating the same "we don't need to learn more than one shiny button" doesn't surprise me in the least, because you guys wouldn't recognize better functionality if it pulled up to you in a bus like this: https://www.youtube.com/watch?v=tmYrWXhFf4c

Sorry, got a little angry there, I don't hate mac folk, just arrogant folk from any camp and I recognize the appeal of and need for good design (which brew is not).

Point 1 I keep seeing repeated, but it's entirely false. Installing packages as the user does not increase security in the least. If anything, it weakens the traditional unix security model because now the running user owns the binaries, running processes can modify them.

"run as root" is nothing to do with this. Who installs the package and who runs it are entirely disconnected. If I install a package as root, and run it with my user, it's running as my user, not root.

All it actually illustrates is that the package manager is not trusted. You don't give homebrew root so that it can't damage the OS by accident. The end result is binaries that are at risk from errant processes, but it seems this is preferable to trusting homebrew.

>If anything, it weakens the traditional unix security model because now the running user owns the binaries, running processes can modify them.

This is a great issue to point out. This is why package managers like Nix and Guix (and maybe others I do not know about) use an immutable store for package builds. Unprivileged users may still install and use the software in the store, but the Unix security model prevents them or a malicious process running under their user account from corrupting what has been built.
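
The ownership concern raised in this thread can be checked on a given machine. The following is an added example, not part of any comment above: it walks the directories on PATH and reports each directory and executable that is owned by the given user or is world-writable, judging by ownership and mode bits only (ACLs and group membership are not considered; the function name audit_path is an assumption of this example).

```python
import os
import stat


def audit_path(path_value, uid):
    """Return {path: [reasons]} for PATH directories and the executables in
    them that `uid` owns, or that any user may write to."""
    findings = {}
    # dict.fromkeys de-duplicates PATH entries while keeping lookup order.
    for directory in dict.fromkeys(p for p in path_value.split(os.pathsep) if p):
        try:
            names = sorted(os.listdir(directory))
        except OSError:
            continue  # PATH entry is missing, unreadable, or not a directory
        for entry in [directory] + [os.path.join(directory, n) for n in names]:
            try:
                st = os.stat(entry)  # follows symlinks, as exec would
            except OSError:
                continue  # dangling symlink
            mode = st.st_mode
            # Inside a PATH directory, only regular executable files matter.
            if entry != directory and not (stat.S_ISREG(mode) and mode & 0o111):
                continue
            reasons = []
            if st.st_uid == uid:
                # The owner can always chmod and rewrite the file, so any
                # process running as this user can replace the binary.
                reasons.append("owned-by-user")
            if mode & stat.S_IWOTH:
                # Writable by every account (a sticky bit on a directory is
                # not taken into account here).
                reasons.append("world-writable")
            if reasons:
                findings[entry] = reasons
    return findings


if __name__ == "__main__":
    # Audit the invoking user's real PATH.
    report = audit_path(os.environ.get("PATH", ""), os.geteuid())
    for path, reasons in report.items():
        print(f"{path}: {', '.join(reasons)}")
```

An empty report for an unprivileged user means that processes running as that user cannot replace anything PATH resolves to, which is the property a root-owned prefix or an immutable store provides.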