Subject: Re: HEADS UP: migration to fully dynamic linked "base" system
To: Jason R Thorpe <>
From: Johnny Billquist <>
List: current-users
Date: 08/27/2002 17:34:14
On Tue, 27 Aug 2002, Jason R Thorpe wrote:

> 	* security updates
> With a fully dynamic system, a fix to e.g. the libc resolver only requires
> a libc upgrade to fix everything, not a libc+ping+ping6+... upgrade.

While true, that goes both ways. It also becomes a potentially more
dangerour system. Sneak things into libc, and you have an even better
chance at perverting things.

I don't want to get into a security discussion here, but I don't really
like the dynamic library things being praised as a security improver.

So let's drop that one, please?


Johnny Billquist                  || "I'm on a bus
                                  ||  on a psychedelic trip
email:           ||  Reading murder books
pdp is alive!                     ||  tryin' to stay hip" - B. Idol