[CentOS] CentOS and GCC Question
Michael A. Peters
mpeters at mac.comWed Jan 9 05:43:54 UTC 2008
- Previous message: [CentOS] CentOS and GCC Question
- Next message: [CentOS] CentOS and GCC Question
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Garrick Staples wrote: > On Wed, Jan 09, 2008 at 02:00:13PM +1300, Clint Dilks alleged: > >> *snip* >> > > The '-static' means that the linker needs to find a static library archive to > create a static executable. That means it wants to find /usr/lib/libmhash.a. > Without the '-static', it would look for the shared library, libmhash.so. > > The mhash-devel package doesn't contain libmhash.a, so your test linking fails. > > It has been fedora/upstream policy for while to discourage the packaging of > static archive files. I'm sure the Fedora wiki has a page explaining why, but > I'm too lazy to find it right now. I don't know what reasons the wiki gives, but if a bug (security or other) exists in a library and you statically link against it, then when that bug is fixed - you have to rebuild all apps that linked against the static lib or they will continue to contain the bug even, even when the library is updated. With shared libraries, that isn't an issue. With shared libraries, updating the library is all you need to do. zlib I believe was a real world example of this - some years ago (red hat 5 ??), zlib was found to have a bug that could potentially be exploited. A lot of apps linked against the static library. Even after zlib had been updated, those apps were still vulnerable until they were recompiled.
- Previous message: [CentOS] CentOS and GCC Question
- Next message: [CentOS] CentOS and GCC Question
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list