[2355] in bugtraq
Re: a point is being missed
daemon@ATHENA.MIT.EDU (John Stewart)
Fri Nov 3 22:07:22 1995
Date: Fri, 3 Nov 1995 14:41:36 -0800
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: John Stewart <jns@cisco.com>
X-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
In-Reply-To: Your message of "Fri, 03 Nov 1995 09:57:46 EST."
<199511031457.JAA13148@narq.avian.org>
->
-> Why in all this telnetd flap has nobody mentioned that /bin/login should
-> be relinked STATICALLY? That at least defers the LD_* class of problem
-> until after login has done the setuid and exec, but still leaves things
-> like IFS passed to scripts.
->
-> Still, my own rule of thumb is that any binary that talks to the net,
-> handles inbound connections, handles authentication, etc ... should not be
-> depending on shared libs. It's well worth the miniscule disk space hit.
-> Vendors, LISSEN UP.
->
And, not surprisingly, Solaris would indicate that this won't
happen. From the FAQ:
------=------=------=------=------=------=------=------=------=------
In Solaris 2.x static linking is not supported for any of the
system libraries. All the functions that use /etc/nsswitch.conf
(getXXXbyYYY, getpwXXX, etc) require the dynamic linker to
load the code to load these functions. It is not possible
to write configurable/extensible functions in such a way that
dynamic linking is not required. E.g., you can add your own
nsswitch.conf backend which would not be known to programs
statically linked to only the standard backend code.
------=------=------=------=------=------=------=------=------=------
This recently drove a co-worker and I to the brink of insanity when we
tried statically linking "ls" for our anonymous FTP site on a Solaris
2.4 machine.
Seems like Solaris won't be able to handle this then, no?
--john
