[linux-elitists] distributing software securely (was: DJB ruckus du jour)

Sean Neakums sneakums@zork.net
Thu Nov 14 10:07:45 PST 2002

commence  Magnus Bodin quotation:

> On Thu, Nov 14, 2002 at 07:55:18AM -0800, john spurling wrote:
>> > 
>> > And draw your own conclusions about external dependencies and the
>> > minimization of risk.
>> djb did not invent static linking. behold:
> I checked the code. djbdns is not linked statically.
> It simply uses fewer external libraries.
> So the conclusion is?

Many of the "extra" libraries are ISC-provided and therefore not
exactly "external".  Looking at the Debian package info, it seems that
these libraries are in fact part of the bind9 source.

$ apt-cache show liblwres1 libdns5 libisc4 libisccc0 libisccfg0 \
  | grep ^Source | uniq
Source: bind9


        liblwres.so.1 => /usr/lib/liblwres.so.1 (0x40026000)
        libdns.so.5 => /usr/lib/libdns.so.5 (0x40034000)
        libisccfg.so.0 => /usr/lib/libisccfg.so.0 (0x401e4000)
        libisccc.so.0 => /usr/lib/libisccc.so.0 (0x401f3000)
        libisc.so.4 => /usr/lib/libisc.so.4 (0x401fb000)

The rest of the libraries are part of glibc.

 /                          |
[|] Sean Neakums            |  Questions are a burden to others;
[|] <sneakums@zork.net>     |      answers a prison for oneself.
 \                          |

More information about the linux-elitists mailing list