Am Sonntag, 16. Dezember 2012, 23:19:46 schrieb Nikos Chantziaras: > On 15/12/12 12:18, Volker Armin Hemmann wrote: > > Am Freitag, 14. Dezember 2012, 21:34:54 schrieb Kevin Chadwick: > >> On Fri, 14 Dec 2012 08:53:35 -0800 > >> > >> Mark Knecht <markkne...@gmail.com> wrote: > >>> I guess the other question that's lurking here for me is why do you > >>> have /usr on a separate partition? What's the usage model that drives > >>> a person to do that? The most I've ever done is move /usr/portage and > >>> /usr/src to other places. My /usr never has all that much in it beyond > >>> those two directories, along with maybe /usr/share. Would it not be > >>> easier for you in the long run to move /usr back to / and not have to > >>> deal with this question at all? > >> > >> It should be moving in the other direction for stability reasons and > >> busybox is no full answer. > >> > >> On OpenBSD which has the benefit of userland being part of it. All the > >> critical single user binaries are in root and built statically as much > >> as possible, maximising system reliability no matter the custom > >> requirements or packages. > > > > until a flaw is found in one of the libs used and all those statically > > linked binaries are in danger. Well done! > > I don't see why this would only affect statically linked executables. > If a bug is found in a library, all dynamically linked executables are > affected as well. When the BSD packagers put out an update for the > library, they'll also put updates for the static binaries that use it. > > I don't see any security issue here.
with dynamically linked libs you can change just the lib, you can even just use some LD_PRELOAD workaround. As you said yourself - with statically linked libs you have to replace half of your system.. and until the binaries are ready for distribution you can't even work around it. -- #163933
