On Fri, 3 Nov 1995, *Hobbit* wrote: > Why in all this telnetd flap has nobody mentioned that /bin/login should > be relinked STATICALLY? That at least defers the LD_* class of problem > until after login has done the setuid and exec, but still leaves things > like IFS passed to scripts. > > Still, my own rule of thumb is that any binary that talks to the net, > handles inbound connections, handles authentication, etc ... should not be > depending on shared libs. It's well worth the miniscule disk space hit. > Vendors, LISSEN UP. I agree 100%. However, have you ever tried to do that under Solaris 2.4? I once convinced a client to build a firewall with SunOS 4.1.4 rather than Solaris 2 because we couldn't statically link with many of the libraries (e.g., there is no static -lresolv and in -lnsl one of the gethost* or get-something functions is not compiled correctly in the static version of the library). I also haven't seen a patch from Sun that would fix this, either. With 2.5 a few days away, and since I am not a beta tester, I was wondering if someone knew if this was fix? TIA scott barman -- scott barman DISCLAIMER: I speak to anyone who will listen, scott@disclosure.com and I speak only for myself. barman@ix.netcom.com "I don't know if security explains why the Win95 support Web servers run BSDI 2.0--an Intel-based Unix--rather than Windows NT, which Microsoft insists is the ideal Web software solution. Does Redmond know something we don't know?" -Robert X. Cringely, INFORWORLD, 9/11/95