Subject: Re: static linking for NetBSD
To: NetBSD Security Technical Discussion List <tech-security@NetBSD.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-userlevel
Date: 09/15/2003 21:35:32
> The _benefit_ of static binaries is that the processes run from them
> _cannot_ dynamically load new code.

If you believe that, you are deluding yourself.  At most, they cannot
dynamically load new code using the OS's dynamic-linker facilities, and
I'm not entirely sure of even that.

There is a security benefit accruing to static linking related to
dynamic loading, but this isn't it.  I've had a few stabs at stating
what it is, but haven't found any short way of putting it - anyone?

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B