Bugtraq mailing list archives
Re: a point is being missed
From: jns () cisco com (John Stewart)
Date: Fri, 3 Nov 1995 14:41:36 -0800
-> -> Why in all this telnetd flap has nobody mentioned that /bin/login should -> be relinked STATICALLY? That at least defers the LD_* class of problem -> until after login has done the setuid and exec, but still leaves things -> like IFS passed to scripts. -> -> Still, my own rule of thumb is that any binary that talks to the net, -> handles inbound connections, handles authentication, etc ... should not be -> depending on shared libs. It's well worth the miniscule disk space hit. -> Vendors, LISSEN UP. -> And, not surprisingly, Solaris would indicate that this won't happen. From the FAQ: ------=------=------=------=------=------=------=------=------=------ In Solaris 2.x static linking is not supported for any of the system libraries. All the functions that use /etc/nsswitch.conf (getXXXbyYYY, getpwXXX, etc) require the dynamic linker to load the code to load these functions. It is not possible to write configurable/extensible functions in such a way that dynamic linking is not required. E.g., you can add your own nsswitch.conf backend which would not be known to programs statically linked to only the standard backend code. ------=------=------=------=------=------=------=------=------=------ This recently drove a co-worker and I to the brink of insanity when we tried statically linking "ls" for our anonymous FTP site on a Solaris 2.4 machine. Seems like Solaris won't be able to handle this then, no? --john
Current thread:
- SGI Security Advisory 19951101 - telnetd : UPDATE, (continued)
- SGI Security Advisory 19951101 - telnetd : UPDATE SGI Security Coordinator (Nov 17)
- Re: SunOS syslog() fix, finally... Pug (Nov 10)
- Turning dynamic into static? Lawrence R. Rogers (Nov 09)
- Re: Telnet attack on SGI Adam Shostack (Nov 02)
- Does the shared lib bug work on any suid program ? Bernd Lehle (Nov 03)
- Re: Does the shared lib bug work on any suid program ? Fred Blonder (Nov 03)
- Re: Does the shared lib bug work on any suid program ? John Capo (Nov 03)
- Re: Does the shared lib bug work on any suid program ? Justin Mason (Nov 06)
- a point is being missed *Hobbit* (Nov 03)
- Re: a point is being missed Scott Barman (Nov 03)
- Re: a point is being missed John Stewart (Nov 03)
- Re: a point is being missed Douglas Siebert (Nov 03)
- Re: a point is being missed Richard Todd (Nov 04)
- Re: a point is being missed Casper Dik (Nov 04)
- Re: Telnet attack on SGI Edwin Kremer (Nov 09)
- Re: Telnet attack on SGI Edwin Kremer (Nov 10)
- Re: Telnet attack on SGI Sam Hartman (Nov 01)
- Re: Telnet attack on SGI Casper Dik (Nov 06)
- Re: Telnet attack on SGI Adrian (Nov 03)
- Re: Telnet attack on SGI Sam Hartman (Nov 03)
- Re: Telnet attack on SGI Michael/Miguel Sanchez (Nov 09)
(Thread continues...)