Re: No benefit for running sash as root shell?

[Jules Bean <jmlb2@hermes.cam.ac.uk>]

On Mon, 31 Aug 1998, Wichert Akkerman wrote:

> Previously Jules Bean wrote:
> > Not much there on statically linked files at all.  Anyone care to point me
> > to a discussion on this?
> 
> I can't find it anymore, although I'm sure it is somewhere. Basically
> it comes down to this: compiling everything static makes the /sbin tree
> much bigger, and thus more likely to get hit by corruption. If you use
> dynamically linked programs everything is smaller and thus reducing
> the risk of things getting corrupted. But on the downside if libc is
> corrupted you still loose.
> 
> Either way it's a tradeoff. Our current system has been working for years
> and I don't see any need to chance it.
> 

Noted.

There is a case which can be made, then for a 'static-kit' package, which
contains statically linked copies of a shell, and somre core utilities
like fsck, getty, login (init?) and so forth.  This could then divert the
existing binaries out the way. 

I'm not volunteering, though.  but someone who was concerned about this
could create one.  

Jules

/----------------+-------------------------------+---------------------\
|  Jelibean aka  | jules@jellybean.co.uk         |  6 Evelyn Rd	       |
|  Jules aka     | jules@debian.org              |  Richmond, Surrey   |
|  Julian Bean   | jmlb2@hermes.cam.ac.uk        |  TW9 2TF *UK*       |
+----------------+-------------------------------+---------------------+
|  War doesn't demonstrate who's right... just who's left.             |
|  When privacy is outlawed... only the outlaws have privacy.          |
\----------------------------------------------------------------------/