On Sat, Dec 24, 2011 at 12:49:55PM +0000, Andrew Benton wrote: > On Sat, 24 Dec 2011 03:04:10 +0000 > Ken Moffat <zarniwh...@ntlworld.com> wrote: > > > This is also why some of us have a bee in our bonnets about static > > libraries - if it's only used within a package, no problem. If it's > > installed into /usr/lib as libfoo.a then you'd better have a means > > of identifying what used it in case you need to fix a vulnerability. > > For myself, my buildscripts have a function which moves static libs > > in /usr/lib to libfoo.a.hidden (except for *some* toolchain libs - > > I've never had time to sort out all those that *need* to be static : > > basically, if there is a vulnerability in the toolchain, it's time > > to build a new LFS system). > > For what it's worth, I've managed to reduce the number of static libs > to 8, all from gcc, binutils or glibc:
Fascinating and very useful stuff, Andy. If I wasn't planning on spending my computer time with the gnome-3 packages, I'd be playing with this. Unfortunately, it will have to wait until later - probably much later. Actually, I can probably justify doing shared libcrmf on my next firefox upgrades (9.0.0 on my other box blew out, probably from lack of space - need bigger disks, but that means a new mobo, my via chipsets don't do sata2 Something will have to go.). Thanks. ĸen -- das eine Mal als Tragödie, das andere Mal als Farce -- http://linuxfromscratch.org/mailman/listinfo/lfs-support FAQ: http://www.linuxfromscratch.org/lfs/faq.html Unsubscribe: See the above information page