dynamic /bin /sbin

Bosko Milekic bmilekic at technokratis.com
Mon Jul 28 06:27:02 PDT 2003


On Mon, Jul 28, 2003 at 12:05:10PM +0100, Jan Grant wrote:
[...]
> There are billions* of reasons why having individual programs
> dynamically linking security plugins directly are a bad idea: by and
> large, they fall into two areas: resource management (every "ls"
> invocation opening a new SSL connection to an LDAP server? I don't think
> so) and proper protection of security domains (does your "ls" instance
> need read access to your host SSL client cert? Ick.)

  FWIW, the dynamically-linked plugins to libc that currently exist will
  each themselves sometimes spawn a daemon to maintain a persistent
  connection.  So what you end up having is a lot of code duplication
  and a lot of plugins 'rolling their own' now that the authors realized
  that the alternate approach (a-la lookupd) is actually cleaner.

> Basically, I think libc with fallback mechanism and a lookupd is the
> only really sane way to do this, certainly within a Unix paradigm. It
> has the advantage (if you so choose to call it) that it doesn't preclude
> a static /sbin.

  That was my opinion as well.

> jan
> 
> * well, many
> 
> -- 
> jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/
> Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/
> Solution: (n) a watered-down version of something neat.

-- 
Bosko Milekic  *  bmilekic at xxxxxxxxxxxxxxxx  *  bmilekic at xxxxxxxxxxx
TECHNOkRATIS Consulting Services  *  http://www.technokratis.com/





More information about the Kernel mailing list