Swâmi> I agree that static binaries are *much* better for critical
Swâmi> binaries that are needed to mount filesystems. But if the
Swâmi> Ubuntu team wants to keep cryptsetup dynamically linked,
Swâmi> wouldn't there be an easy solution modifying the
Swâmi> libgcrypt11 and libgpg-error0 so they simply install into
Swâmi> /lib instead of /usr/lib ?
They probably have their reason why they think these belong in
/usr/lib.
Another would perhaps be an install option, to link against static
version of the libraries if they are installed. But I am quite new to
Ubuntu, so I can't see how easy this is.
But in any case I don't have the impression that much people are too
much worried about this bug. First it was declassified and now it is
not even assigned to anybody anymore. To be honest, when I switched to
Ubuntu recently, I expected a bit more.
Hello,
>>>>> ``Swâmi'' == Swâmi Petaramesh <email address hidden> writes:
Swâmi> I agree that static binaries are *much* better for critical
Swâmi> binaries that are needed to mount filesystems. But if the
Swâmi> Ubuntu team wants to keep cryptsetup dynamically linked,
Swâmi> wouldn't there be an easy solution modifying the
Swâmi> libgcrypt11 and libgpg-error0 so they simply install into
Swâmi> /lib instead of /usr/lib ?
They probably have their reason why they think these belong in
/usr/lib.
Another would perhaps be an install option, to link against static
version of the libraries if they are installed. But I am quite new to
Ubuntu, so I can't see how easy this is.
But in any case I don't have the impression that much people are too
much worried about this bug. First it was declassified and now it is
not even assigned to anybody anymore. To be honest, when I switched to
Ubuntu recently, I expected a bit more.
Jens