Policy re. static linking of binaries ? (SSH)

To: debian-devel@lists.debian.org
Subject: Policy re. static linking of binaries ? (SSH)
From: Philip Hands <phil@hands.com>
Date: Fri, 11 Jul 1997 01:57:36 +0100
Message-id: <[🔎] 15558.868582656@hands.com>

Hi,

SSH is currently dynamically linked against libc5, gmp, and zlib1.

IMHO it should be statically linked, since it is a security program, and might 
otherwise have its security affected by the replacement of one of these 
libraries --- what do others think ?

Another reason for static linking is that it provides a way of recovering from 
failed installs of ld.so and the like.  I have been saved by this in the past, 
when doing remote upgrades.

On a related issue, the upstream source for SSH includes the source for both 
gmp, and zlib1.  Should I be using those, or the Debian versions to link 
against ?
I would say that using the included source guarantees that we are running what 
other SSH users are running, which is probably a good thing.

Cheers, Phil.






--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Follow-Ups:
- Re: Policy re. static linking of binaries ? (SSH)
  - From: Philippe Troin <phil@fifi.org>
- Re: Policy re. static linking of binaries ? (SSH)
  - From: joost@rulcmc.leidenuniv.nl (joost witteveen)

Prev by Date: Re: GNU Win32? Not anymore.
Next by Date: Re: Packaging system improvements
Previous by thread: LOADLIN strangeness
Next by thread: Re: Policy re. static linking of binaries ? (SSH)
Index(es):
- Date
- Thread