From owner-freebsd-security Wed Jun 26 19: 0:31 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx7.roble.com (mx7.roble.com [206.40.34.7]) by hub.freebsd.org (Postfix) with ESMTP id AADBC37C66B for ; Wed, 26 Jun 2002 18:46:47 -0700 (PDT) Date: Wed, 26 Jun 2002 18:46:42 -0700 (PDT) From: Roger Marquis To: security@FreeBSD.ORG Subject: Legacy Static Linking (was: Security Advisory FreeBSD-SA-02:28.resolv) Message-ID: <20020626183519.F36946-100000@roble.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Robert Watson wrote: >You will catch most applications simply by rebuilding libc and >reinstalling. Unfortunately, some applications are statically linked, and >they must be individually relinked against the new libc and reinstalled. This makes a good case for doing away with static linking of system binaries. Why does FreeBSD have statically linked binaries? Static binaries were originally compiled because the libraries under /usr had to be mounted from a network filesystem or second disk and were not always available on boot. Since 1GB and larger SCSI hard drives became generally available (~1992) there has not been a compelling need to split /usr onto another disk/partition and, by extension, there has not been a real need for statically linked binaries. The track record of Unix and non-Unix operating systems which no longer ship with statically linked binaries is evidence they are no longer necessary. IMHO, -- Roger Marquis Roble Systems Consulting http://www.roble.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message