[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Policy re. static linking of binaries ? (SSH)


SSH is currently dynamically linked against libc5, gmp, and zlib1.

IMHO it should be statically linked, since it is a security program, and might 
otherwise have its security affected by the replacement of one of these 
libraries --- what do others think ?

Another reason for static linking is that it provides a way of recovering from 
failed installs of ld.so and the like.  I have been saved by this in the past, 
when doing remote upgrades.

On a related issue, the upstream source for SSH includes the source for both 
gmp, and zlib1.  Should I be using those, or the Debian versions to link 
against ?
I would say that using the included source guarantees that we are running what 
other SSH users are running, which is probably a good thing.

Cheers, Phil.

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: