ESR: Goodbye Fedora- big picture
Matthew Miller
mattdm at mattdm.org
Fri Feb 23 02:58:24 UTC 2007
On Thu, Feb 22, 2007 at 09:07:15PM -0500, Tom Horsley wrote:
> > Err, what? That doesn't make any sense. The point is that the shared lib
> > requires one small update
> One small update which could just as easily introduce a security problem
> into every dynamically linked app as fix one.
Well, hopefully not "just as easily", as we (speaking in general) hopefully
are more aware of good, secure programming practices now. Obviously new
flaws do crop up, but in most cases, security problems tend to be "current
version and all previous".
But even that aside, the potential impact of the scenario you describe is no
worse than with static linking, and much easier to clean up after.
--
Matthew Miller mattdm at mattdm.org <http://mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
More information about the users
mailing list