tech-userlevel: Re: static linking for NetBSD

Subject: Re: static linking for NetBSD
To: None <tech-security@netbsd.org, tech-userlevel@netbsd.org>
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
List: tech-userlevel
Date: 09/15/2003 23:11:47

-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Brett" == Brett Lymn <blymn@baesystems.com.au> writes:
    Brett> Errrr Linux is not a good thing to benchmark against - the horrors

  Yes, maybe a good point.

    >> I find it much easier to do:
    >> % /sbin/md5sum /sbin/login 
    >> 

    Brett> And you actually trust your md5sum is not trojaned?  How
    Brett> interesting. 

  I give this example metaphorically :-)

    Brett> Having managed Sun systems for many years, yes, Sun do get it pretty
    Brett> much right.  I can apply patches for shared libraries to my system

  Sounds great. I stopped using Sun's in day to day use sometime around
Solaris 2.3, when the Sparc port starting being useable :-)

    Brett> grovelling ones which may break).  I have had troubles getting a RH8
    Brett> binary running in RH9 due to, what seems to be, arbitrary interface
    Brett> changes in glibc - trying to point at linux as an example of why
    Brett> shared libraries is bad is dodgy, their philosophy is wrong which
    Brett> flows down to their implementation which causes pain and lossage.
    Brett> NetBSD, at least, works to avoid doing that.

  But, we still share code with them: X, KDE, GNOME. At least they were
optional. That's why I don't want PAM in my /bin/login. I don't want to
share that incompetence!

  The fact that I don't need it for anything I do, while BSD auth provides
some things that I've found useful also sways me. 

]      Out and about in Ottawa.    hmmm... beer.                |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian/notebook using, kernel hacking, security guy");  [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys - custom hacks make this fully PGP2 compat

iQCVAwUBP2Z/coqHRg3pndX9AQGnngP7BmUWQI7kNQ9LyFfOgL60zSMM/FY78vTd
ClXWFTivN128TWB6UiV6e0fivghSUGrsXKbuxdoW3hyDpN5SpCXuRGHiGYebLDe+
wWoYgKShl69bz+cKDXd4VfbXVZvTi0MW32dYrQ8Bb1wGH8mXXtpq03PDfM5BhcRv
5UwuU6ik4ig=
=aAS7
-----END PGP SIGNATURE-----