Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAPLrYEQUdm32YLMU=vajy5Oj=KQ5Z4tVgexYiGSdEksQmuyJrQ@mail.gmail.com>
Date: Tue, 25 Sep 2012 13:58:48 +0200
From: Daniel Cegiełka <daniel.cegielka@...il.com>
To: musl@...ts.openwall.com
Subject: Re: filesystem layout

2012/9/25 Luca Barbato <lu_zero@...too.org>:
> On 09/25/2012 01:26 PM, Kurt H Maier wrote:
>> On Tue, Sep 25, 2012 at 01:22:44PM +0200, Luca Barbato wrote:
>>>
>>> Static linking could be dangerous from a security/maintainance
>>> standpoint, but that is me looking at the specific scenarios in which
>>> Gentoo shines.
>>
>>
>> This is a common myth.  lazy or ineffective system management is a
>> danger regardless of the linking type.
>
> Spending lots of time unbundling dependencies from packages so they
> could use the up-to-date shared version might bring you to have a bias.
>
> Any system management that force you to reinstall all your packages
> because zlib had a bug doesn't seem efficient.

dynamic linking itself can generate problems:

http://www.catonmat.net/blog/ldd-arbitrary-code-execution/

daniel

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.