Bug#555980: debian-policy: No policy on statically linked binaries

Hi,

Russ Allbery wrote:
> Usually I argue for relaxing it to a should. In this case, I think we can
> flesh out the exception somewhat better and preserve the must.
>
> Binary executables must not be statically linked with the GNU C
> library, since this prevents the binary from benefiting from
> fixes and improvements to the C library without being rebuilt
> and complicates security updates. This requirement may be
> relaxed for binary executables whose intended purpose is to
> diagnose and fix the system in situations where the GNU C
> library may not be usable (such as system recovery shells or
> utilities like ldconfig) or for binary executables where the
> security benefits of static linking outweigh the drawbacks.

Seconded.

If the goal is to align with ftpmaster requirements, another possibility
is to explicitly say

 * packages must not install binaries or object files statically
   linked against glibc unless:
    * the package has a name ending with -static,
    * the file has a name ending with -static or .static, or
    * the package installs a Lintian override file explaining why the
      statically linked object is needed.

I think I prefer your suggestion, though.

Thanks,
Jonathan
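
The three exceptions listed in the message above can be expressed as a mechanical check; the following is an added example, not part of the original message and not Lintian's or ftpmaster's code. It assumes a simplified definition of "statically linked" (an ELF64 little-endian ET_EXEC image with no PT_DYNAMIC segment), covers executables only rather than object files, and does not determine whether the C library linked in is glibc. The function names, package names and sample images are constructed for illustration.

```python
import struct

ET_EXEC, PT_LOAD, PT_DYNAMIC, PT_INTERP = 2, 1, 2, 3

def is_static_elf(data: bytes) -> bool:
    """Simplified test: ELF64 LE executable with no PT_DYNAMIC program header."""
    if len(data) < 64 or data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        return False  # not ELF64 little-endian; outside this sketch's scope
    e_type = struct.unpack_from("<H", data, 16)[0]
    e_phoff = struct.unpack_from("<Q", data, 32)[0]
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + 4 > len(data):
            break  # truncated program header table
        if struct.unpack_from("<I", data, off)[0] == PT_DYNAMIC:
            return False  # has a dynamic section, so it is dynamically linked
    return e_type == ET_EXEC

def violates_rule(package: str, path: str, data: bytes, has_override: bool) -> bool:
    """Apply the proposed wording: static binaries are rejected unless exempt."""
    if not is_static_elf(data):
        return False
    if package.endswith("-static"):
        return False  # exception 1: package name ends with -static
    if path.rsplit("/", 1)[-1].endswith(("-static", ".static")):
        return False  # exception 2: file name ends with -static or .static
    return not has_override  # exception 3: a Lintian override explains it

def make_elf(segment_types):
    """Build a minimal constructed ELF64 image with the given segment types."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    header = struct.pack("<HHIQQQIHHHHHH", ET_EXEC, 62, 1, 0, 64, 0, 0,
                         64, 56, len(segment_types), 0, 0, 0)
    phdrs = b"".join(struct.pack("<IIQQQQQQ", t, 0, 0, 0, 0, 0, 0, 0)
                     for t in segment_types)
    return ident + header + phdrs

STATIC_IMG = make_elf([PT_LOAD])                         # constructed sample
DYNAMIC_IMG = make_elf([PT_LOAD, PT_INTERP, PT_DYNAMIC])  # constructed sample

if __name__ == "__main__":
    for pkg, path in [("examplepkg", "/usr/bin/tool"),
                      ("examplepkg-static", "/usr/bin/tool"),
                      ("examplepkg", "/usr/bin/tool.static")]:
        print(pkg, path, violates_rule(pkg, path, STATIC_IMG, False))
```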