Date: Wed, 22 Apr 1998 00:16:38 -0600 From: Nate Williams <nate@mt.sri.com> To: Peter Wemm <peter@netplex.com.au> Cc: freebsd-security@FreeBSD.ORG Subject: Static vs. dynamic linking (was Re: Using MD5 insted of DES ...) Message-ID: <199804220616.AAA02036@mt.sri.com> In-Reply-To: <199804220504.NAA01624@spinner.netplex.com.au> References: <199804211814.OAA23669@brain.zeus.leitch.com> <199804220504.NAA01624@spinner.netplex.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter Wemm writes: > FWIW, I'm a little amazed at the paranoia about dynamic linking. I have > *never* *ever* "lost" or damaged ld.so except through stupidity (made a > mistake with a source change and caused an undefined symbol). I have never > lost or damaged libc.so except through stupidity (again, generally through > normal development accidents with undefined symbols). I have thwacked the snot out of my system by replacing libc.so to the point that nothing except the static stuff in /bin|sbin worked. It doesn't happen too often, but when it does the only recourse was to use the static stuff to recover, which I was able to do. With dynamic programs, instead of having a single point of failure, you have *many*. ld.so, libc.so, potentially /var/run/ld.hints, etc... There are too many variables plus the performance advantages of having a static /bin/sh to even argue about the *minute* advantage of having a completely dynamic system, vs. the hybrid we have now. Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804220616.AAA02036>