While doing some reading on secure software development
(//www.ranum.com/security/computer_security/archives/security-for-developers.pdf)
I came across the advice to always link your privileged binaries
statically.
However, a quick check on my system revealed that almost all suid/sgid
programs are dynamically linked (the two exceptions traceroute/traceroute6
startle me even more).
Since the advice makes sense to me (it keeps some rather
complicated machinery out of delicate matters)
I'm wondering why it is not followed on OpenBSD.
Early in the days of shared libraries, a lot of vendors had bugs in
their ld.so code, and the most risky ones were for setuid programs
of course. Very small bugs, which got fixed in time.
This resulted in the meme amongst people to link setuid programs
statically.
We all know that driving cars fast causes more accidents. Right?
That is a meme of the same quality.
The problem is that once bugs are fixed, and no one makes them anymore,
the stupid people keep parroting the same concepts.
That is hardly surprising.
(BTW, about 10 years ago, FreeBSD had a bug in their crt0 that made
every single setuid and setgid program vulnerable. Did a meme arise
to not link against the C run time startup code? Nope. Of course
not.)
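
The quick check mentioned in the question can be reproduced with a short audit script. This is an added example, not part of the original thread: the function names, the directory list and the constructed sample ELF bytes are assumptions for illustration, and a binary is counted as dynamically linked when it has a PT_INTERP program header (it asks the kernel to run ld.so).

```python
import os, stat, struct

PT_INTERP = 3  # program header type that names the run-time linker (ld.so)

def elf_linkage(data):
    """Return 'dynamic' if the ELF image requests ld.so, 'static' if not, else 'not-elf'."""
    if len(data) < 0x40 or data[:4] != b"\x7fELF" or data[4] not in (1, 2) or data[5] not in (1, 2):
        return "not-elf"
    end = "<" if data[5] == 1 else ">"            # EI_DATA: byte order
    if data[4] == 2:                               # EI_CLASS: ELF64 header layout
        phoff, = struct.unpack_from(end + "Q", data, 0x20)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 0x36)
    else:                                          # ELF32 header layout
        phoff, = struct.unpack_from(end + "I", data, 0x1C)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 0x2A)
    for i in range(phnum):
        off = phoff + i * phentsize
        if off + 4 > len(data):                    # truncated header table: stop scanning
            break
        if struct.unpack_from(end + "I", data, off)[0] == PT_INTERP:
            return "dynamic"
    return "static"                                # includes static PIE (PT_DYNAMIC, no PT_INTERP)

def audit_privileged(roots):
    """Return sorted (path, linkage) pairs for setuid/setgid regular files under roots."""
    found = []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                path = os.path.join(dirpath, name)
                try:
                    st = os.lstat(path)            # lstat: do not follow symlinks
                    if not stat.S_ISREG(st.st_mode) or not st.st_mode & (stat.S_ISUID | stat.S_ISGID):
                        continue
                    with open(path, "rb") as fh:
                        found.append((path, elf_linkage(fh.read())))
                except OSError:                    # unreadable or vanished file: skip
                    continue
    return sorted(found)

def sample_elf(p_types):
    """Constructed sample: minimal little-endian ELF64 image with the given program header types."""
    ident = b"\x7fELF\x02\x01\x01" + b"\x00" * 9
    hdr = ident + struct.pack("<HHIQQQIHHHHHH", 2, 62, 1, 0, 64, 0, 0, 64, 56, len(p_types), 0, 0, 0)
    return hdr + b"".join(struct.pack("<I", t) + b"\x00" * 52 for t in p_types)

if __name__ == "__main__":
    for path, linkage in audit_privileged(["/bin", "/sbin", "/usr/bin", "/usr/sbin"]):
        print(f"{linkage:8} {path}")
```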