Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 22 Apr 1998 08:35:07 +0200
From:      Poul-Henning Kamp <phk@critter.freebsd.dk>
To:        Nate Williams <nate@mt.sri.com>
Cc:        Peter Wemm <peter@netplex.com.au>, freebsd-security@FreeBSD.ORG
Subject:   Re: Static vs. dynamic linking (was Re: Using MD5 insted of DES ...) 
Message-ID:  <2234.893226907@critter.freebsd.dk>
In-Reply-To: Your message of "Wed, 22 Apr 1998 00:16:38 MDT." <199804220616.AAA02036@mt.sri.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
In message <199804220616.AAA02036@mt.sri.com>, Nate Williams writes:
>Peter Wemm writes:
>> FWIW, I'm a little amazed at the paranoia about dynamic linking.  I have
>> *never* *ever* "lost" or damaged ld.so except through stupidity (made a
>> mistake with a source change and caused an undefined symbol).  I have never
>> lost or damaged libc.so except through stupidity (again, generally through
>> normal development accidents with undefined symbols).
>
>I have thwacked the snot out of my system by replacing libc.so to the
>point that nothing except the static stuff in /bin|sbin worked.  It
>doesn't happen too often, but when it does the only recourse was to use
>the static stuff to recover, which I was able to do.
>
>With dynamic programs, instead of having a single point of failure, you
>have *many*.  ld.so, libc.so, potentially /var/run/ld.hints, etc...

And of course, you DO keep a boot.flp/fixit.flp combination close at
hand, right ?

>There are too many variables plus the performance advantages of having a
>static /bin/sh to even argue about the *minute* advantage of having a
>completely dynamic system, vs. the hybrid we have now.

I disagree, I think just the crypt problem is sufficient argument to
go dynamic.

--
Poul-Henning Kamp             FreeBSD coreteam member
phk@FreeBSD.ORG               "Real hackers run -current on their laptop."
"Drink MONO-tonic, it goes down but it will NEVER come back up!"

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2234.893226907>