| 1 |
On 15/12/12 12:18, Volker Armin Hemmann wrote: |
| 2 |
> Am Freitag, 14. Dezember 2012, 21:34:54 schrieb Kevin Chadwick: |
| 3 |
>> On Fri, 14 Dec 2012 08:53:35 -0800 |
| 4 |
>> |
| 5 |
>> Mark Knecht <markknecht@×××××.com> wrote: |
| 6 |
>>> I guess the other question that's lurking here for me is why do you |
| 7 |
>>> have /usr on a separate partition? What's the usage model that drives |
| 8 |
>>> a person to do that? The most I've ever done is move /usr/portage and |
| 9 |
>>> /usr/src to other places. My /usr never has all that much in it beyond |
| 10 |
>>> those two directories, along with maybe /usr/share. Would it not be |
| 11 |
>>> easier for you in the long run to move /usr back to / and not have to |
| 12 |
>>> deal with this question at all? |
| 13 |
>> |
| 14 |
>> It should be moving in the other direction for stability reasons and |
| 15 |
>> busybox is no full answer. |
| 16 |
>> |
| 17 |
>> On OpenBSD which has the benefit of userland being part of it. All the |
| 18 |
>> critical single user binaries are in root and built statically as much |
| 19 |
>> as possible, maximising system reliability no matter the custom |
| 20 |
>> requirements or packages. |
| 21 |
> |
| 22 |
> until a flaw is found in one of the libs used and all those statically linked |
| 23 |
> binaries are in danger. Well done! |
| 24 |
|
| 25 |
I don't see why this would only affect statically linked executables. |
| 26 |
If a bug is found in a library, all dynamically linked executables are |
| 27 |
affected as well. When the BSD packagers put out an update for the |
| 28 |
library, they'll also put updates for the static binaries that use it. |
| 29 |
|
| 30 |
I don't see any security issue here. |
Archives