
Re: Policy re. static linking of binaries ? (SSH)



> Hi,
> 
> SSH is currently dynamically linked against libc5, gmp, and zlib1.
> 
> IMHO it should be statically linked, since it is a security program, and 
> might otherwise have its security affected by the replacement of one of
> these libraries --- what do others think ?

Well, library replacements are usually bug _fixes_! So, upon upgrading
your libc to a new version, you'll instantly fix the bugs in sshd
_if_ it's dynamically linked. What gain is there in linking it static?
Only to ensure the bugs live longer in sshd!

(It's only sshd you are interested in: ssh (the user programme) gets
executed by the user, and any user can build a ssh version with any
shared/static libc version he likes anyway, whether Debian includes a 
shared or static ssh).


-- 
joost witteveen, joostje@debian.org
#!/usr/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
#what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
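
An added example, not part of the original message: a check for which side of this argument a given ELF binary falls on, by looking for a PT_INTERP program header (the request for the run-time loader that resolves shared libraries at start-up). The function names, the sample builder and the loader path in the sample are constructed for illustration; it assumes an ordinary executable, since shared objects and static-PIE images also lack PT_INTERP.

```python
import struct

PT_LOAD, PT_INTERP = 1, 3  # program header types from the ELF specification

def elf_interpreter(data: bytes):
    """Return the PT_INTERP path (the run-time loader) of an ELF image, or None."""
    if data[:4] != b"\x7fELF" or len(data) < 52 or data[4] not in (1, 2) or data[5] not in (1, 2):
        raise ValueError("not a recognisable ELF image")
    e = "<" if data[5] == 1 else ">"  # EI_DATA selects the byte order
    # EI_CLASS 2 = ELF64, 1 = ELF32: offset format, e_phoff position,
    # e_phentsize position, and a format yielding p_type, p_offset, p_filesz
    off_fmt, ph_at, cnt_at, seg_fmt = (
        ("Q", 32, 54, "I4xQ16xQ") if data[4] == 2 else ("I", 28, 42, "II8xI"))
    try:
        phoff, = struct.unpack_from(e + off_fmt, data, ph_at)
        phentsize, phnum = struct.unpack_from(e + "HH", data, cnt_at)
        for i in range(phnum):
            p_type, p_offset, p_filesz = struct.unpack_from(
                e + seg_fmt, data, phoff + i * phentsize)
            if p_type == PT_INTERP:
                path = data[p_offset:p_offset + p_filesz]
                return path.rstrip(b"\0").decode(errors="replace")
    except struct.error as exc:
        raise ValueError("truncated ELF image") from exc
    return None

def inherits_library_fixes(data: bytes) -> bool:
    """True if shared libraries are resolved at start-up, so an upgraded libc is
    used after the next restart; False means the binary must be rebuilt."""
    return elf_interpreter(data) is not None

def sample_elf64(interp: bytes = b"") -> bytes:
    """Constructed minimal little-endian ELF64 image (headers only, not runnable)."""
    phdrs = [struct.pack("<IIQQQQQQ", PT_LOAD, 5, 0, 0, 0, 0, 0, 0x1000)]
    if interp:
        off, size = 64 + 2 * 56, len(interp) + 1  # path follows both headers
        phdrs.append(struct.pack("<IIQQQQQQ", PT_INTERP, 4, off, off, off, size, size, 1))
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 2, 62, 1, 0, 64, 0, 0, 64, 56, len(phdrs), 0, 0, 0)
    return ehdr + b"".join(phdrs) + (interp + b"\0" if interp else b"")

if __name__ == "__main__":
    for name, image in (("dynamic sample", sample_elf64(b"/lib/ld-linux.so.1")),
                        ("static sample", sample_elf64())):
        print(name, "-> loader:", elf_interpreter(image),
              "| picks up library upgrades:", inherits_library_fixes(image))
```

A daemon that is already running keeps the old library mapped until it is restarted, so the upgrade takes effect only for processes started afterwards.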

