Re: Debian Policy 3.9.6.0 released
On Wed, Sep 17, 2014 at 09:52:31PM +0000, Thorsten Glaser wrote:
> Bill Allombert dixit:
>
> > 10.1
> > Binaries must not be statically linked with the GNU C library,
> > see policy for exceptions.
>
> It says there that exceptions *may* be granted, but not by whom.
The policy does not say that somebody may grant exceptions, but that the
requirement can be relaxed in some specific circumstances.
This is the full paragraph:
Binary executables must not be statically linked with the GNU C
library, since this prevents the binary from benefiting from fixes and
improvements to the C library without being rebuilt and complicates
security updates. This requirement may be relaxed for binary
executables whose intended purpose is to diagnose and fix the system
in situations where the GNU C library may not be usable (such as
system recovery shells or utilities like ldconfig) or for binary
executables where the security benefits of static linking outweigh the
drawbacks.
> So, who can grant an exception for the (already existing)
> /bin/mksh-static file (which fits the criteria named in §10.1)?
Debian has a long standing practice of providing statically linked
shells (bash-static, zsh-static).
/bin/mksh-static clearly fits the condition given for relaxing the requirement,
thus there is no issue.
Cheers,
--
Bill. <ballombe@debian.org>
Imagine a large red swirl here.
Reply to: