Subject: Re: static linking for NetBSD
To: NetBSD Security Technical Discussion List <tech-security@NetBSD.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Date: 09/15/2003 21:35:32
> The _benefit_ of static binaries is that the processes run from them
> _cannot_ dynamically load new code.
If you believe that you are deluding yourself. At most, they cannot
dynamically load new code using the OS's dynamic-linker facilities, and
I'm not entirely sure of even that.
There is a security benefit accruing to static linking related to
dynamic loading, but this isn't it. I've had a few stabs at stating
what it is, but haven't found any short way of putting it - anyone?
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML firstname.lastname@example.org
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B