libgpg-error0 and libgcrypt11: static linking or move from /usr/lib to /lib?

To: Debian-Devel <debian-devel@lists.debian.org>
Subject: libgpg-error0 and libgcrypt11: static linking or move from /usr/lib to /lib?
From: Jonas Meurer <jonas@freesources.org>
Date: Mon, 10 Dec 2007 02:50:24 +0100
Message-id: <[🔎] 20071210015024.GA1137@freesources.org>
Mail-followup-to: Debian-Devel <debian-devel@lists.debian.org>

Hey,

in the cryptsetup package we currently link statically against libgcrypt11
and libgpg-error0. cryptdisks is run before mountall.sh, thus we cannot
depend on libraries which are are located in /usr/lib. in many systems
/usr is a seperate partition.

static linking has been a good solution in the past, but from a security
point of view it should be avoided.

if libgcrypt11 and libgpg-error0 libraries would be moved from /usr/lib
to /lib, dynamical linking would be an option. that's how it seems to be
done in ubuntu:

https://bugs.launchpad.net/ubuntu/+source/libgcrypt11/+bug/139635

what do you think? should we ask libgcrypt11 and ligpg-error0 maintainers
to move the libraries to /lib, or is it better to stay with static linked 
libraries?

greetings,
 jonas

Reply to:

Follow-Ups:
- Re: libgpg-error0 and libgcrypt11: static linking or move from /usr/lib to /lib?
  - From: Simon Richter <sjr@debian.org>

Prev by Date: Re: -Wl,--as-needed considered possibly harmful
Next by Date: Re: -Wl,--as-needed considered possibly harmful
Previous by thread: Key signing party in Lille 9-10 dec ?
Next by thread: Re: libgpg-error0 and libgcrypt11: static linking or move from /usr/lib to /lib?
Index(es):
- Date
- Thread