From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 655261381F3 for ; Sun, 16 Dec 2012 22:28:02 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id BC11C21C09C; Sun, 16 Dec 2012 22:27:47 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 027FD21C01B for ; Sun, 16 Dec 2012 22:26:14 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id 28E7433DC5D for ; Sun, 16 Dec 2012 22:26:14 +0000 (UTC) X-Virus-Scanned: by amavisd-new using ClamAV at gentoo.org X-Spam-Flag: NO X-Spam-Score: 0.194 X-Spam-Level: X-Spam-Status: No, score=0.194 tagged_above=-999 required=5.5 tests=[AWL=-0.982, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, NML_ADSP_CUSTOM_MED=1.2, RP_MATCHES_RCVD=-0.024, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no Received: from smtp.gentoo.org ([IPv6:::ffff:127.0.0.1]) by localhost (smtp.gentoo.org [IPv6:::ffff:127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fj64gpQugx6d for ; Sun, 16 Dec 2012 22:26:08 +0000 (UTC) Received: from plane.gmane.org (plane.gmane.org [80.91.229.3]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 5D70433DC54 for ; Sun, 16 Dec 2012 22:26:07 +0000 (UTC) Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1TkMf2-0004qA-Bu for gentoo-user@gentoo.org; Sun, 16 Dec 2012 23:26:16 +0100 Received: from athedsl-355805.home.otenet.gr ([85.72.245.123]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 16 Dec 2012 23:26:16 +0100 Received: from realnc by athedsl-355805.home.otenet.gr with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 16 Dec 2012 23:26:16 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-user@lists.gentoo.org From: Nikos Chantziaras Subject: [gentoo-user] Re: Anyone switched to eudev yet? Date: Mon, 17 Dec 2012 00:25:48 +0200 Organization: Lucas Barks Message-ID: References: <50CB1942.3020900@gmail.com> <1687057.4tTYKEJzqn@localhost> <2150333.mhR4e5T1L6@localhost> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: athedsl-355805.home.otenet.gr User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/17.0 Thunderbird/17.0 In-Reply-To: <2150333.mhR4e5T1L6@localhost> X-Archives-Salt: 20b7ddd5-7e24-4b25-ad58-4dd270f307d8 X-Archives-Hash: c9a0e1a3ba29428a91299ee29a11b48f On 17/12/12 00:14, Volker Armin Hemmann wrote: > Am Sonntag, 16. Dezember 2012, 23:19:46 schrieb Nikos Chantziaras: >> On 15/12/12 12:18, Volker Armin Hemmann wrote: >>> Am Freitag, 14. Dezember 2012, 21:34:54 schrieb Kevin Chadwick: >>>> On Fri, 14 Dec 2012 08:53:35 -0800 >>>> >>>> Mark Knecht wrote: >>>>> I guess the other question that's lurking here for me is why do you >>>>> have /usr on a separate partition? [...] >>>> >>>> It should be moving in the other direction for stability reasons and >>>> busybox is no full answer. >>>> >>>> On OpenBSD which has the benefit of userland being part of it. All the >>>> critical single user binaries are in root and built statically as much >>>> as possible, maximising system reliability no matter the custom >>>> requirements or packages. >>> >>> until a flaw is found in one of the libs used and all those statically >>> linked binaries are in danger. Well done! >> >> I don't see why this would only affect statically linked executables. >> If a bug is found in a library, all dynamically linked executables are >> affected as well. When the BSD packagers put out an update for the >> library, they'll also put updates for the static binaries that use it. >> >> I don't see any security issue here. > > with dynamically linked libs you can change just the lib, you can even just > use some LD_PRELOAD workaround. > > As you said yourself - with statically linked libs you have to replace half of > your system.. and until the binaries are ready for distribution you can't even > work around it. Or you wait for the update by the vendor of your OS, which is what people do. Also, the few critical system binaries that are required to just get a shell and fix the system, are not "half of your system."