Date: Fri, 10 Nov 2000 02:55:22 -0800 From: Kris Kennaway <kris@FreeBSD.ORG> To: Mike Smith <msmith@FreeBSD.ORG> Cc: Warner Losh <imp@village.org>, "Daniel C. Sobral" <dcs@newsguy.com>, John Baldwin <jhb@FreeBSD.ORG>, arch@FreeBSD.ORG, Alfred Perlstein <bright@wintelcom.net> Subject: Re: The shared /bin and /sbin bikeshed Message-ID: <20001110025522.B15361@citusc17.usc.edu> In-Reply-To: <200011100959.eAA9xJ905757@mass.osd.bsdi.com>; from msmith@FreeBSD.ORG on Fri, Nov 10, 2000 at 01:59:19AM -0800 References: <200011100938.CAA48105@harmony.village.org> <200011100959.eAA9xJ905757@mass.osd.bsdi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--4SFOXa2GPu3tIq4H Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Nov 10, 2000 at 01:59:19AM -0800, Mike Smith wrote: > I think "NO_STATIC_BINARIES" should make everything dynamic that can be= =20 > made dynamic, so your limited functionality change is probably right. Can I just chime in and say that statically linked binaries suck because they can be impossible to scan for when a library they were linked against has a bug or security vulnerability. Often you can be lucky and find a magic string in the binary which unambiguously shows whether or not it was linked against a vulnerable version (e.g. a RCS ID), but sometimes you have nothing to go on and it's hard to work out whether the binary was even linked against the library, let alone a vulnerable version thereof. Adding RCS IDs to all the source code files in the FreeBSD libraries (conditional on a compile-time anti-bloat option, e.g. buried in a macro) would fix this. Kris --4SFOXa2GPu3tIq4H Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjoL1BkACgkQWry0BWjoQKV2YACg1iFUBOR/6vWsJZRaycoBtbDB BtUAoJeWTJc1fTsXbFGIZ2grICsALZ3f =3nIX -----END PGP SIGNATURE----- --4SFOXa2GPu3tIq4H-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001110025522.B15361>