Policy re. static linking of binaries ? (SSH)
SSH is currently dynamically linked against libc5, gmp, and zlib1.
IMHO it should be statically linked, since it is a security program, and might
otherwise have its security affected by the replacement of one of these
libraries --- what do others think ?
Another reason for static linking is that it provides a way of recovering from
failed installs of ld.so and the like. I have been saved by this in the past,
when doing remote upgrades.
On a related issue, the upstream source for SSH includes the source for both
gmp, and zlib1. Should I be using those, or the Debian versions to link
I would say that using the included source guarantees that we are running what
other SSH users are running, which is probably a good thing.
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
Trouble? e-mail to firstname.lastname@example.org .