Subject: Re: static vs. dynamic runtime linking, esp. for citrus (was PAM and su -K)
To: Jason Thorpe <thorpej@shagadelic.org>
From: David Laight <david@l8s.co.uk>
List: tech-userlevel
Date: 01/28/2005 20:25:28

On Fri, Jan 28, 2005 at 08:54:21AM -0800, Jason Thorpe wrote:
> Now, if you want to talk about the security implications of shared 
> libraries (which, in this day and age, pretty much means "dynamic 
> loading"), let's use the case of a security fix being made available 
> for libc (or some other widely-used system library).  Sure is a lot 
> easier to update one file than it is to re-link all of your binaries, 
> isn't it?

I remember the implication of fixing a file locking problem in the
utmp file handling code. Since this wasn't part of the dynamic libc [1],
all the customer (and 3rd party) apps that used the function had to
be discovered and relinked.  No mean feat.

	David

[1] A misguided attempt at sparc ABI conformance meant that some libc
functions were dynamic (those in the ABI) and others static.

-- 
David Laight: david@l8s.co.uk