[static] linking
miah
jjohnson at sunrise-linux.com
Wed Mar 19 18:33:32 EST 2003
The application will also run faster... But security is the reason you should do this.
-miah
On Wed, Mar 19, 2003 at 05:59:19PM -0500, Young, Charles wrote:
> The only good reason I can think of to link/compile -static is to not have to depend on and trust the shared libraries, which could be altered by a rootkit, etc. This provides you with a so-called "trusted" binary, albeit bloated :)
>
> But hey, if they fit on a CD, who cares! It's kind of an oddball situation though. I can't think of another good reason to do it if the machine is reasonably secure/hardened.
>
> Are there other good reasons?
>
> -----------
> Chuck Young
> Security Consulting
> Level(3) Communications
> -------------------------
>
> -----Original Message-----
> From: Derek Martin [mailto:blu at sophic.org]
> Sent: Wednesday, March 19, 2003 2:24 PM
>
> ---snip---
>
> It depends on how you compile (or actually, link) the program when
> you're building it. If you build it with -static, you link AT COMPILE
> TIME against the static library. Otherwise, by default (if your
> system supports shared objects) you link AT RUN TIME against the
> shared library.
>
> Generally speaking, most systems use the dynamic libraries for the
> vast majority of cases. The point is this saves huge amounts of disk
> space. With the static libraries, the library is copied into the
> executable file of every binary that is linked statically, wasting
> huge amounts of space. That's the (main) point of shared libraries.
>
> ---snip---
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://www.blu.org/mailman/listinfo/discuss
More information about the Discuss
mailing list