Re: Perl and Windows 7

I have recently been involved in a similar assessment for a client – not specifically concerning just Perl but a number of different internal applications. A capsule summary of our findings would be this:

(1) The Win32 API upon which all software of course depends remains largely unchanged. Therefore, applications and DLLs by and large continue to execute as expected. A smörgåsbord of non-API libraries have experienced the usual set of changes, which will or will not affect you according to exactly how your particular applications are link-edited. In the case of Perl, for example, some CPAN libraries that are “wrappers” for other libraries may require rebuilding, and the CPANTS test-outcomes tables should be consulted well in advance.

-----

(2) The most significant change of Win7 is, of course, the security-infrastructure management, which has continued to become more visible and intrusive. Digitally-signed installers ... and therefore, the use of installers at the exclusion of every other installation option ... now receive an almost fanatical degree of attention. I expect that Strawberry Perl will by its nature have difficulty with this, and that Active State Perl will continue to become more expensive. ... :-) ... And actually, that wasn’t an attempt at humor.

Windows 7 reflects the realization that most “rogue” software that seriously causes harm arrives on a computer by being installed there. Applications are intentionally being made very difficult to install by any means other than the use of an installer, and installers are made virtually impossible to use at all unless they are digitally signed. While this makes perfect sense for an application, and is already in common use e.g. on smart phones and tablets, it does present problems for a complex language-system such as Perl, as it also does for many in-house applications not related to Perl. Windows (finally) pays very close attention to where a DLL or an executable may be located. It has the power to restrict overrides to the library search-path. It can require signed-code anywhere.

In summary, I think that a proper answer to your question will be more complex than simply determining whether or not the Strawberry Perl core runs on Windows-7. (It does.) What will be of concern is whether the entire set of CPAN libraries that your systems directly or indirectly use can, on a case-wise basis, successfully build and install themselves on all of your company’s Windows-7 targets. To that end, you need to find a way to work closely with the IT teams now, presenting the Perl-based target applications (not “Perl itself”) as the systems that your business must legitimately be able to run. You will get buy-in by pointing out, not only that Perl is not the exception nor exceptional, but that it is the means to an end.

-----

(3) More-or-less as a footnote ... the 32/64-bit issue applies in the usual way. A representative target build-system must be set aside, and Strawberry (with all of your CPAN requirements) must be built upon it to assure compatibility. Once a stable code-base of the entire application is assured, a conventional installer can be used for simplified deployment, and if this be so, a Windows-7 aware version of the installer de jour should be used. In other words, you might wish to build Strawberry, and do all of the installations of CPAN material, then “snapshot” the whole thing for deployment purposes using a different installer ... one which is purposed to install the application(s) on a target computer. Your company may well wish to apply their own digital signature to that installer. The same procedure may be advisable in the case of their existing “purely home-grown” internal applications, as well.

Replies are listed 'Best First'.
Re^2: Perl and Windows 7 by bulk88 (Priest) on Aug 01, 2012 at 19:32 UTC
I dont think the installer issue is relevant. The issue is can you run unsigned native code at all? WOA no http://www.osnews.com/story/25935/Mozilla_Google_voice_concern_over_Windows_8_browser_restrictions. OSX, 1 version from being totally banned, http://www.osnews.com/story/25619/Mac_OS_X_10_8_restricted_to_App_Store_signed_apps_by_default. Some predict Windows 9 Desktop will not allow unsigned code, http://arizday.blogspot.com/2012/04/facts-of-windows-9-so-far.html. I'm predicting all Windows native code will be dropped this decade, Microsoft has had a pure CIL, no machine code OS for years, http://en.wikipedia.org/wiki/Singularity_%28operating_system%29. I remember 10 years ago, Apple did something identical with Darwin. Darwin from day 1 ran on Intel 32 bit and PowerPC, and I was thinking to myself in 2001/2002, Apple must be planning to go to Intel since day one and drop their proprietary processors/platform. Fast forward 4 years, and Apple declares PowerPC dead and switches to Intel x64. Look, these corporations wouldn't be investing in the research for philanthropy. These are their current plans. Your only hope is someone writing a x86 virtual machine in pure Java/"bytecode language of the day" emulating address space in a large string. I better get started on rewriting the Perl 5 interp in C#, or javascript. Who wants to help?	[reply]
Re^3: Perl and Windows 7 by locked_user sundialsvc4 (Abbot) on Aug 01, 2012 at 20:53 UTC
`:-)` I think you have no fear about that, at least insofar as installed applications are concerned. Every corporation in the world has “its own” applications, and therefore has the need to be able to install them on “its own” computers. But we do (finally!) live in a less-trusting world, in which “any ol’ application installer” that happens to show up on your doorstep will no longer be given the Administrator/Root password as a matter of course, and succeed quite unhindered in its possibly nefarious business. Even though a few of the articles that you mentioned do seek to raise an alarm, the simple truth in the corporate environment is that corporations are full of home-grown applications that need to be installed upon other machines within their workplace. What the companies in question need, even though they may not have formally recognized this need before now, is the ability to ensure that the “home-grown application” really did come from them! Both Windows and OS/X, entirely of necessity, do provide the means for corporations to issue their own digital signing certificates that will be accepted within the corporation’s own designated trust chains (and of course, nowhere else). (Let us meanwhile sincerely hope that the days are long-gone when any ol’ web site can download an “extension” and have it be installed automagically ...) Your company IT department now has the ability to ensure that the only apps that can be installed upon “their” computers, are “theirs.” (They can even exclude public applications, if they so choose.) Therefore, if your application needs to be widely distributed within the company, you might have to construct a custom installer for it. If, on the other hand, the application needs only to continue to run on the one machine where it is now situated, that is a much simpler requirement.