--s9fJI615cBHmzTOP
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Jun 24, 2004 at 02:30:13PM -0400, Perry E. Metzger wrote:
>=20
> itojun@itojun.org (Jun-ichiro itojun Hagino) writes:
> > 	ok, i got enough comment.  so new proposal: could you please make
> > 	/usr/bin/su a static binary?  it's a one-line Makefile change.
>=20
> The problem with that is that it will mean that /usr/bin/su can't
> handle things like dynamically linked database modules, for dealing
> with things like hesiod and such.
>=20
> I would suggest that the "right" thing is to create a statically
> linked su *in addition* to the normal /usr/bin/su, and copy that into
> /rescue. We could easily do the makefile machinery to handle that.

And if a site NEEDED su to use the dynamically linked database modules=20
(say governmental or contract security requirements), the site could just=
=20
disable the static su.

Take care,

Bill

--s9fJI615cBHmzTOP
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)

iD4DBQFA2zCIWz+3JHUci9cRAuJlAJ9SLO9b+zeRdd+mJN3glSxLVKT8RwCYiEg3
0mOWeLtUeNoRz4e9tD1a3A==
=kKGF
-----END PGP SIGNATURE-----

--s9fJI615cBHmzTOP--