> while doing some reading on secure software development > (//www.ranum.com/security/computer_security/archives/security-for-developers.pdf) > I came across the advice "always link your priviliged binaries > statically". > > However a quick check on my system revealed me almost all suid/sgid > programs being dynamically linked (the two exceptions traceroute/traceroute6 > startle me even more). > > Since the advice makes sense to me (it keeps some rather > complicated machinery out of delicate matters) > I'm wondering why it is not followed on OpenBSD.
Early in the days of shared libraries, a lot of vendors had bugs in their ld.so code, and the most risky ones were for setuid programs of course. Very small bugs, which got fixed in time. This resulted in the "meme" amongst people to "link setuid programs statically". We all know that driving cars fast causes more accidents. Right? That is a meme of the same quality. The problem is that once bugs are fixed, and noone makes them anymore the stupid people keep parroting the same concepts. That is hardly surprising. (BTW, about 10 years ago, FreeBSD had a bug in their crt0 that made every single setuid and setgid program vulnerable. Did a meme arise to not "link against the C run time startup code"? Nope. Of course not.)
