[PLUG] Are dependences obsolete?
Paul Heinlein
heinlein at madboa.com
Wed Mar 19 15:31:38 UTC 2014
On Tue, 18 Mar 2014, Wayne E. Van Loon Sr. wrote:
> Most of you probably know this, but what you are talking about is
> the difference between static and dynamic linking. When using static
> linking, all the libraries needed by the program are inserted into
> the executable code. Depending upon the environment on the target
> machine, statically linked programs usually run faster, are more
> portable, but require more disk and memory space.
Static linking also means that if there's a bug or vulnerability in a
supporting library, every binary compiled against that library has to
be updated individually.
For example, if there were a vulnerability in libcrypt, roughly 300
binaries on one of my CentOS 6 servers would have to be rebuilt,
repackaged, and reinstalled.
--
Paul Heinlein
heinlein at madboa.com
45°38' N, 122°6' W
More information about the PLUG
mailing list