From: Eli Collins <eli@cs.wisc.edu>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] acme, rio workalike available in plan 9 ports
Date: Tue, 20 Apr 2004 11:40:18 -0500 [thread overview]
Message-ID: <Pine.LNX.4.58.0404201126500.31294@wasabi.cs.wisc.edu> (raw)
In-Reply-To: <470cd428ca4b59ae758c764934935bf0@terzarima.net>
On Tue, 20 Apr 2004, Charles Forsyth wrote:
> >>Oracle had to build/test/ship a new version of their code every time
>
> i think they still have to test their software with the changed bit, regardless whether the library
> is statically or dynamically linked! indeed, i'd have thought one
> advantage of static linking in that case is that the thing being run
> is more likely to be the thing that was tested, without (say)
> a new malloc being substituted by dynamic linking.
>
For security bugs this is a major disadvantage, because you never want to
keep an old copy of the library around. A buffer overflow in strcmp is now
present in practically every binary on the system. Security bugs need to
be fixed asap -- updating copies of all your applications (which you might
not have sources for) just to get rid of a single buffer overflow seems
unacceptable. This of course assumes you can easily track different
versions of strcmp in all your applications with static linking, which is
time intensive at best.
next prev parent reply other threads:[~2004-04-20 16:40 UTC|newest]
Thread overview: 102+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-03-21 4:51 Russ Cox
2004-03-21 21:03 ` andrey mirtchovski
2004-03-22 16:30 ` Axel Belinfante
2004-03-23 9:59 ` Bengt Kleberg
2004-03-23 12:23 ` boyd, rounin
2004-03-23 13:17 ` David Presotto
2004-03-23 13:30 ` boyd, rounin
2004-03-23 15:04 ` Fco.J.Ballesteros
2004-03-23 15:39 ` a
2004-03-23 15:09 ` Russ Cox
2004-03-23 15:12 ` Charles Forsyth
2004-03-23 15:29 ` Russ Cox
2004-03-23 15:13 ` Charles Forsyth
2004-03-23 15:39 ` Axel Belinfante
2004-03-23 15:49 ` a
2004-03-23 16:23 ` Russ Cox
2004-03-23 16:27 ` Axel Belinfante
2004-03-23 16:54 ` a
2004-04-01 10:50 ` Bengt Kleberg
2004-04-01 13:24 ` Russ Cox
2004-04-01 13:54 ` Scott Schwartz
2004-04-01 14:33 ` boyd, rounin
2004-04-01 16:14 ` Russ Cox
2004-04-01 15:25 ` boyd, rounin
2004-04-02 9:29 ` Bengt Kleberg
2004-04-02 10:09 ` Bengt Kleberg
2004-04-02 11:15 ` Steve Simon
2004-04-02 15:24 ` boyd, rounin
2004-04-19 10:04 ` Bengt Kleberg
2004-04-02 11:55 ` C H Forsyth
2004-04-02 14:30 ` Russ Cox
2004-04-02 14:53 ` C H Forsyth
2004-04-19 10:04 ` Bengt Kleberg
2004-04-19 11:07 ` Steve Simon
2004-04-20 8:38 ` Bengt Kleberg
2004-04-20 12:12 ` boyd, rounin
2004-04-20 12:20 ` lucio
2004-04-20 12:32 ` boyd, rounin
2004-04-20 12:58 ` lucio
2004-04-20 13:03 ` lucio
2004-04-21 9:03 ` Bengt Kleberg
2004-04-21 9:17 ` Charles Forsyth
2004-04-21 9:02 ` Bengt Kleberg
2004-04-21 9:02 ` Bengt Kleberg
2004-04-21 9:28 ` lucio
2004-04-21 13:53 ` boyd, rounin
2004-04-19 15:00 ` Russ Cox
2004-04-19 18:51 ` boyd, rounin
2004-04-20 8:38 ` Bengt Kleberg
2004-04-20 12:15 ` boyd, rounin
2004-04-20 14:56 ` ron minnich
2004-04-20 17:43 ` Eli Collins
2004-04-20 15:51 ` ron minnich
2004-04-20 17:10 ` jmk
2004-04-20 17:34 ` Eli Collins
2004-04-20 17:39 ` jmk
2004-04-20 19:42 ` boyd, rounin
2004-04-20 19:09 ` ron minnich
2004-04-20 16:10 ` Charles Forsyth
2004-04-20 16:21 ` ron minnich
2004-04-20 16:40 ` Eli Collins [this message]
2004-04-20 19:31 ` boyd, rounin
2004-04-20 19:20 ` boyd, rounin
2004-03-24 10:42 ` Axel Belinfante
2004-03-21 5:07 Noah Evans
2004-03-21 5:25 ` Russ Cox
2004-03-21 6:12 ` Scott Schwartz
2004-03-21 14:02 ` Russ Cox
2004-03-21 15:57 Noah Evans
2004-03-21 20:43 Andrey S. Kukhar
2004-03-21 21:45 Noah Evans
2004-03-21 22:15 ` andrey mirtchovski
2004-04-20 23:04 boyd, rounin
2004-04-20 23:18 ` matt
2004-04-20 23:26 ` Geoff Collyer
2004-04-20 23:28 ` boyd, rounin
2004-04-20 23:48 ` matt
2004-04-20 23:59 ` Charles Forsyth
2004-04-21 3:18 ` Bruce Ellis
2004-04-21 8:51 ` matt
2004-04-21 9:24 ` Charles Forsyth
2004-04-21 9:49 ` C H Forsyth
2004-04-21 12:14 ` boyd, rounin
2004-04-21 0:07 ` Russ Cox
2004-04-21 0:18 ` ron minnich
2004-04-21 0:19 ` boyd, rounin
2004-04-21 2:09 ` ron minnich
2004-04-21 2:20 ` boyd, rounin
2004-04-21 3:43 ` Ronald G. Minnich
2004-04-23 8:55 ` Christoph Hellwig
2004-04-23 8:59 ` boyd, rounin
2004-04-23 15:03 ` ron minnich
2004-04-23 15:29 ` Christoph Hellwig
2004-04-23 15:54 ` ron minnich
2004-04-23 16:20 ` Joel Salomon
2004-04-23 17:03 ` ron minnich
2004-04-23 16:47 ` Christoph Hellwig
2004-04-23 17:04 ` ron minnich
2004-04-23 17:52 ` Christoph Hellwig
2004-04-21 0:40 ` andrey mirtchovski
2004-04-21 3:25 ` Bruce Ellis
2004-04-21 0:38 Charles Forsyth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Pine.LNX.4.58.0404201126500.31294@wasabi.cs.wisc.edu \
--to=eli@cs.wisc.edu \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).