[30] in WWW Security List Archive
Re: GSS API (as a DLL)...
daemon@ATHENA.MIT.EDU (Bernhard.Schneck@Physik.TU-Muenche)
Tue Aug 16 18:50:29 1994
To: John Ludeman <johnl@microsoft.com>
Cc: www-security@ns1.rutgers.edu
In-Reply-To: Your message of "Tue, 16 Aug 94 09:57:44 +0700."
<9408161702.AA22998@netmail2.microsoft.com>
Date: Tue, 16 Aug 94 21:47:37 +0200
From: Bernhard.Schneck@Physik.TU-Muenchen.DE
In message <9408161702.AA22998@netmail2.microsoft.com> you write:
>
> I apologize for this tangential issue, but somebody has expressed
> concern that a Dynamic Link Library type mechanism for the GSS APIs (or
> DLLs in general) are not suitable because there is not wide support on
> many Unix systems. This is the first time I have heard this concern
> and I wanted to make sure we're not going down a road of woe and despair.
Well, SHARED libraries are supported on many UNIX and UNIX-like
operating systems, but not on all (eg. Ultrix doesn't have them)
Dynamic Loadable Libraries (with load-on-request semantics) are
supported by no UNIX system that I know of out of the box, though
there are solutions for some architectures (most prominently the
GNU dld stuff).
Some people have programmed their own DLL support which may (or
may not) be portable between different architectures.
Also, I'd like to see a very thorough security analysis of DLLs
under Unix of people who know what they are doing before I'd trust
them for security related stuff.
\Bernhard.
