From owner-freebsd-security  Tue Apr 21 23:36:13 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id XAA00809
          for freebsd-security-outgoing; Tue, 21 Apr 1998 23:36:13 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from critter.freebsd.dk (critter.freebsd.dk [195.8.129.14])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA00684
          for <freebsd-security@FreeBSD.ORG>; Wed, 22 Apr 1998 06:35:39 GMT
          (envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.8.7/8.8.5) with ESMTP id IAA02236;
	Wed, 22 Apr 1998 08:35:07 +0200 (CEST)
To: Nate Williams <nate@mt.sri.com>
cc: Peter Wemm <peter@netplex.com.au>, freebsd-security@FreeBSD.ORG
Subject: Re: Static vs. dynamic linking (was Re: Using MD5 insted of DES ...) 
In-reply-to: Your message of "Wed, 22 Apr 1998 00:16:38 MDT."
             <199804220616.AAA02036@mt.sri.com> 
Date: Wed, 22 Apr 1998 08:35:07 +0200
Message-ID: <2234.893226907@critter.freebsd.dk>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

In message <199804220616.AAA02036@mt.sri.com>, Nate Williams writes:
>Peter Wemm writes:
>> FWIW, I'm a little amazed at the paranoia about dynamic linking.  I have
>> *never* *ever* "lost" or damaged ld.so except through stupidity (made a
>> mistake with a source change and caused an undefined symbol).  I have never
>> lost or damaged libc.so except through stupidity (again, generally through
>> normal development accidents with undefined symbols).
>
>I have thwacked the snot out of my system by replacing libc.so to the
>point that nothing except the static stuff in /bin|sbin worked.  It
>doesn't happen too often, but when it does the only recourse was to use
>the static stuff to recover, which I was able to do.
>
>With dynamic programs, instead of having a single point of failure, you
>have *many*.  ld.so, libc.so, potentially /var/run/ld.hints, etc...

And of course, you DO keep a boot.flp/fixit.flp combination close at
hand, right ?

>There are too many variables plus the performance advantages of having a
>static /bin/sh to even argue about the *minute* advantage of having a
>completely dynamic system, vs. the hybrid we have now.

I disagree, I think just the crypt problem is sufficient argument to
go dynamic.

--
Poul-Henning Kamp             FreeBSD coreteam member
phk@FreeBSD.ORG               "Real hackers run -current on their laptop."
"Drink MONO-tonic, it goes down but it will NEVER come back up!"

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message