Subject: Re: static linking for NetBSD
To: Brett Lymn <>
From: Greg A. Woods <>
List: tech-security
Date: 09/16/2003 03:11:07
[ On Tuesday, September 16, 2003 at 12:29:52 (+0930), Brett Lymn wrote: ]
> Subject: Re: static linking for NetBSD
> Feh - use verified exec then.

I'd still like to see a proper mathematical proof of that concept which
includes coverage of the bootstrap issue.

There are just too many catch-22's in it for me to believe it does
anything more than obfuscate the real problems and just provide a false
sense of security.

The parmount rule of software security is still:  K.I.S.S.

Checking what amounts to the same thing twice doesn't seem to add any
assurance to me, and instead it only seems to add unnecessary complexity.

						Greg A. Woods

+1 416 218-0098                  VE3TCP            RoboHack <>
Planix, Inc. <>          Secrets of the Weird <>