From owner-freebsd-arch@FreeBSD.ORG Thu Jun 5 15:11:19 2003 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8B8ED37B404 for ; Thu, 5 Jun 2003 15:11:19 -0700 (PDT) Received: from praetor.linc-it.com (hardtime.linuxman.net [66.147.26.65]) by mx1.FreeBSD.org (Postfix) with ESMTP id 521FB43FE0 for ; Thu, 5 Jun 2003 15:11:18 -0700 (PDT) (envelope-from fullermd@over-yonder.net) Received: from mortis.over-yonder.net (adsl-156-172-64.jan.bellsouth.net [66.156.172.64]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by praetor.linc-it.com (Postfix) with ESMTP id C940E1527E; Thu, 5 Jun 2003 17:11:16 -0500 (CDT) Received: by mortis.over-yonder.net (Postfix, from userid 100) id B35D220F21; Thu, 5 Jun 2003 17:11:14 -0500 (CDT) Date: Thu, 5 Jun 2003 17:11:14 -0500 From: "Matthew D. Fuller" To: Terry Lambert Message-ID: <20030605221114.GB51432@over-yonder.net> References: <20030603113927.I71313@cvs.imp.ch> <16092.35144.948752.554975@grasshopper.cs.duke.edu> <20030603115432.EGLB13328.out002.verizon.net@kokeb.ambesa.net> <20030603122226.BGPM11703.pop018.verizon.net@kokeb.ambesa.net> <3EDD81A4.B6F83135@mindspring.com> <3EDDF732.1060606@tcoip.com.br> <3EDF2B1C.6E9C892E@mindspring.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3EDF2B1C.6E9C892E@mindspring.com> User-Agent: Mutt/1.4i-fullermd.1 X-Editor: vi X-OS: FreeBSD cc: arch@freebsd.org Subject: Re: Making a dynamically-linked root X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2003 22:11:19 -0000 On Thu, Jun 05, 2003 at 04:35:56AM -0700 I heard the voice of Terry Lambert, and lo! it spake thus: > > And if init or mount gets hosed? Oh, come on. You're smarter than that. If a static /sbin/init gets hosed, you're screwed. If a dynamic /sbin/init gets hosed, you're screwed. If /lib/libc gets hosed, your dynamic /sbin/init is screwed. Your static /sbin/init still moves along just fine. It's not that static binaries eliminate SPoF's. They just reduce the scope of some failures. Whether that reduction is sizeable or lost in the noise is left as an exercise to the reader (presuming the reader understands the concept of "different strokes"). > You're not so much missing anything as you are ignoring the > examples which are inconvenient to arguing your position. A reasonable statement, but equally true in reverse. Dynamic _everything_ multiplies the number of single failures that can completely screw you by making many more failures able to indirectly b0rk basic things like "getting a shell". For extra points, find the false statement: - Static-linked systems are immune from corruption failures. - Dynamically-linked systems no more failure modes than static. -- Matthew Fuller (MF4839) | fullermd@over-yonder.net Systems/Network Administrator | http://www.over-yonder.net/~fullermd/ "The only reason I'm burning my candle at both ends, is because I haven't figured out how to light the middle yet"