Re: Policy re. static linking of binaries ? (SSH)
---------- Forwarded message ----------
Wouldn't it be a good thing to have fsck and a few other system critical
binaries staticly linked? I know when my file system is messed up
and broken, the last thing I am going to want is to have fsck NOT
work because it cant link with some library. I remember when I tried
to downgrade my ldso package, and it trashed my /etc/ldso.conf file
and then NOTHING would work at all, except statically linked stuff.
That was a very bad thing.
-Erik
--
Erik B. Andersen Web: http://www.inconnect.com/~andersen/
email: andersee@debian.org
--This message was written using 73% post-consumer electrons--
On Fri, 11 Jul 1997, joost witteveen wrote:
> > Hi,
> >
> > SSH is currently dynamically linked against libc5, gmp, and zlib1.
> >
> > IMHO it should be statically linked, since it is a security program, and
> > might otherwise have its security affected by the replacement of one of
> > these libraries --- what do others think ?
>
> Well, library replacements are usually bug _fixes_! So, upon upgrading
> your libc to a new version, you'll instantly fix the bugs in sshd
> _if_ it's dynamically linked. What gain is there in linking it static?
> Only to ensure the bugs live longer in sshd!
>
> (It's only sshd you are interested in: ssh (the user programme) gets
> executed by the user, and any user can build a ssh version with any
> shared/static libc version he likes anyway, wheter debian includes a
> shared or static ssh).
>
>
> --
> joost witteveen, joostje@debian.org
> #!/usr/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
> $/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
> lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
> #what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
>
>
> --
> TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
> debian-devel-request@lists.debian.org .
> Trouble? e-mail to templin@bucknell.edu .
>
>
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: