The way 7-Zip uses the NSIS installer offers no advantage
over the Setup Information File found in previous
releases. Furthermore, it creates the following problems:
NSIS uses compression methods not recognized by major
archivers. This creates security risks, because there
is no independent way to verify the contents of NSIS
packages without running them. In the old 7-Zip
packages, at least I can use WinRAR to extract the
contents first, but not the current ones. Some mirror
sites will reject 7-Zip simply because package contents
can't be prescanned by anti-virus software. In
addition, if I have never known of 7-Zip's official
site, I would most likely get 7-Zip in places other
than SourceForge. In such a scenario, even if the
official packages are secure, the ones obtained by
users from the mirrors may not be. It is crucial for
7-Zip not to lose its accountability.
NSIS is bloated. Each instance of NSIS uses around
57000 bytes, but a corresponding .inf file only needs
less than 8000 bytes. Furthermore, using an .inf file
requires no additional temporary space just to run the
installer.
Any installer used to package 7-Zip should meet the
following requirements:
- The 7-Zip package must be compressed with a
non-proprietary format (or free implementations of such
formats exist), and the package itself must include
corresponding archive header(s) recognizable by major
archivers. Using an open compression method alone is
insufficient.
- Installer should only extract compressed content
once, i.e. to user-specified target, per installation.
- In addition to installed files, extra space needed to
register installed contents for uninstallation purposes
should not be larger than an equivalent .inf implementation.
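
An added example, not part of the original request: a Python check of the first requirement, showing why an open compression method alone is not enough for independent inspection. The stub bytes, the member name and the function names are constructed for illustration.

```python
import io
import lzma
import zipfile

# Magic bytes that archivers and scanners look for inside a self-extracting package.
SIGNATURES = {
    "7z": b"7z\xbc\xaf\x27\x1c",
    "zip": b"PK\x03\x04",
    "cab": b"MSCF\x00\x00\x00\x00",
    "rar": b"Rar!\x1a\x07",
}

def find_archive_headers(blob):
    """Return sorted (offset, format) pairs for every known signature in blob."""
    hits = []
    for fmt, magic in SIGNATURES.items():
        pos = blob.find(magic)
        while pos != -1:
            hits.append((pos, fmt))
            pos = blob.find(magic, pos + 1)
    return sorted(hits)

def list_embedded_zip(blob):
    """List members of a ZIP appended to an executable stub, without running it."""
    try:
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            return zf.namelist()
    except zipfile.BadZipFile:
        return None

def build_samples():
    """Constructed inputs: one package with an archive header, one without."""
    stub = b"MZ" + b"\x90" * 510            # stand-in for installer code
    payload = b"7z.dll contents " * 64      # stand-in for an installed file
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("7z.dll", payload)
    with_header = stub + buf.getvalue()
    # Same open method family (LZMA2), but a raw stream with no container header.
    raw = lzma.compress(payload, format=lzma.FORMAT_RAW,
                        filters=[{"id": lzma.FILTER_LZMA2}])
    return with_header, stub + raw

if __name__ == "__main__":
    for name, blob in zip(("with header", "headerless"), build_samples()):
        print(name, find_archive_headers(blob), list_embedded_zip(blob))
```

The package with a ZIP header can be listed and scanned without executing the stub; the raw LZMA2 stream yields no recognizable header, so a scanner has nothing to open.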