Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[static] linking

The application will also run faster...  But security is the reason you should do this.  


On Wed, Mar 19, 2003 at 05:59:19PM -0500, Young, Charles wrote:
> The only good reason I can think of to link/compile -static is to not have to depend on and trust the shared libraries, which could be altered by a rootkit, etc.  This provides you with a so-called "trusted" binary, albeit bloated :)
> But hey, if they fit on a CD, who cares!  It's kind of an oddball situation though.  I can't think of another good reason to do it if the machine is reasonably secure/hardened.
> Are there other good reasons?
> -----------
> Chuck Young
> Security Consulting
> Level(3) Communications
> -------------------------
> -----Original Message-----
> From: Derek Martin [mailto:blu at]
> Sent: Wednesday, March 19, 2003 2:24 PM
> ---snip---
> It depends on how you compile (or actually, link) the program when
> you're building it.  If you build it with -static, you link AT COMPILE
> TIME against the static library.  Otherwise, by default (if your
> system supports shared objects) you link AT RUN TIME against the
> shared library.
> Generally speaking, most systems use the dynamic libraries for the
> vast majority of cases.  The point is this saves huge amounts of disk
> space.  With the static libraries, the library is copied into the
> executable file of every binary that is linked statically, wasting
> huge amounts of space.  That's the (main) point of shared libraries.
> ---snip---
> _______________________________________________
> Discuss mailing list
> Discuss at

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /