ESR: Goodbye Fedora- big picture
Jim Cornette
fc-cornette at insight.rr.com
Sat Feb 24 23:14:44 UTC 2007
Tom Horsley wrote:
> On Thu, 22 Feb 2007 19:49:51 -0500
> Matthew Miller <mattdm at mattdm.org> wrote:
>
>> Err, what? That doesn't make any sense. The point is that the shared lib
>> requires one small update
>
> One small update which could just as easily introduce a security problem
> into every dynamically linked app as fix one.
>
Good point!
I have seen a recent problem with zlib crippling a high number of
packages because of a problem. (fixed by running ldconfig and fixed
quickly in the zlib package with the next update).
Some other poster referred to a security flaw when the lib was static
and within individual programs.
If the flaw does not change the interface ability to use the dynamic
library, it would be easier to only have to fix the problematic library.
If it changed the way programs need to interface with the library,
static or dynamic would both be a nightmare to resolve the issues.
I don't think this issue has much to do with ESR (whoever he may be, not
known by me.) though.
Jim
--
Excellent time to become a missing person.
More information about the users
mailing list