Garrick Staples wrote: > On Wed, Jan 09, 2008 at 02:00:13PM +1300, Clint Dilks alleged: > >> *snip* >> > > The '-static' means that the linker needs to find a static library archive to > create a static executable. That means it wants to find /usr/lib/libmhash.a. > Without the '-static', it would look for the shared library, libmhash.so. > > The mhash-devel package doesn't contain libmhash.a, so your test linking fails. > > It has been fedora/upstream policy for while to discourage the packaging of > static archive files. I'm sure the Fedora wiki has a page explaining why, but > I'm too lazy to find it right now. I don't know what reasons the wiki gives, but if a bug (security or other) exists in a library and you statically link against it, then when that bug is fixed - you have to rebuild all apps that linked against the static lib or they will continue to contain the bug even, even when the library is updated. With shared libraries, that isn't an issue. With shared libraries, updating the library is all you need to do. zlib I believe was a real world example of this - some years ago (red hat 5 ??), zlib was found to have a bug that could potentially be exploited. A lot of apps linked against the static library. Even after zlib had been updated, those apps were still vulnerable until they were recompiled.