On Thu, Feb 22, 2007 at 09:07:15PM -0500, Tom Horsley wrote: > > Err, what? That doesn't make any sense. The point is that the shared lib > > requires one small update > One small update which could just as easily introduce a security problem > into every dynamically linked app as fix one. Well, hopefully not "just as easily", as we (speaking in general) hopefully are more aware of good, secure programming practices now. Obviously new flaws do crop up, but in most cases, security problems tend to be "current version and all previous". But even that aside, the potential impact of the scenario you describe is no worse than with static linking, and much easier to clean up after. -- Matthew Miller mattdm@xxxxxxxxxx <http://mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/>
