[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

libgpg-error0 and libgcrypt11: static linking or move from /usr/lib to /lib?


in the cryptsetup package we currently link statically against libgcrypt11
and libgpg-error0. cryptdisks is run before mountall.sh, thus we cannot
depend on libraries which are are located in /usr/lib. in many systems
/usr is a seperate partition.

static linking has been a good solution in the past, but from a security
point of view it should be avoided.

if libgcrypt11 and libgpg-error0 libraries would be moved from /usr/lib
to /lib, dynamical linking would be an option. that's how it seems to be
done in ubuntu:


what do you think? should we ask libgcrypt11 and ligpg-error0 maintainers
to move the libraries to /lib, or is it better to stay with static linked 


Reply to: