Subject: Re: HEADS UP: migration to fully dynamic linked "base" system
To: Johnny Billquist <>
From: Jason R Thorpe <>
List: current-users
Date: 08/27/2002 08:43:25
On Tue, Aug 27, 2002 at 05:34:14PM +0200, Johnny Billquist wrote:

 > While true, that goes both ways. It also becomes a potentially more
 > dangerour system. Sneak things into libc, and you have an even better
 > chance at perverting things.

What a totally absurd argument.  If someone puts a trojan in your libc,
you're hosed, period.  This is true whether or not /bin and /sbin
are static.

If you want to prevent (or at least make extremely difficult) this, then
set the "immutable" bit on the shlib, and run at a high kern.securelevel.

        -- Jason R. Thorpe <>