Subject: Re: static linking for NetBSD
To: Michael Richardson <mcr@sandelman.ottawa.on.ca>
From: Brett Lymn <blymn@baesystems.com.au>
List: tech-security
Date: 09/16/2003 12:29:52
On Mon, Sep 15, 2003 at 10:30:37PM -0400, Michael Richardson wrote:
>
> Linux is rapidly approaching Windows-Style DLL bit-rot.
>
Errrr Linux is not a good thing to benchmark against - the horrors of
incompatiable versions of glibc is unspeakable. A shared libary that
is generated by people whose philosophy seems to be "update to the
latest coz we cannot be arsed with backwared compatiability" is no
argument that shared libraries are bad.
> I find it much easier to do:
> % /sbin/md5sum /sbin/login
>
And you actually trust your md5sum is not trojaned? How interesting.
> and compare that value to a known to be good (non-trojan'ed) /sbin/login,
> knowing that since it doesn't load anything, it can't be trojan'ed by libc
> or ld screwing. I just find static linked binaries easier to cope with,
> easier to upgrade, and easier to verify.
>
Feh - use verified exec then.
>
> Maybe, as some have said, this is my delusion - maybe Solaris 9 gets it
> done so correctly that I'd just rave when I saw it - but RedHat sure doesn't.
> Debian seems to do better - but only because they understand that making
> be upgrade things to get security patches doesn't fly.
>
Having managed Sun systems for many years, yes, Sun do get it pretty
much right. I can apply patches for shared libraries to my system
without lossage occuring, my binaries that were compiled on a Solaris
2.5 machine still run fine on my Solaris 9 machine (modulo kernel
grovelling ones which may break). I have had troubles getting a RH8
binary running in RH9 due to, what seems to be, arbitrary interface
changes in glibc - trying to point at linux as an example of why
shared libraries is bad is dodgy, their philosophy is wrong which
flows down to their implementation which causes pain and lossage.
NetBSD, at least, works to avoid doing that.
--
Brett Lymn