[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Reasons for Statically linking to Bekely DB?

man, 05.04.2004 kl. 19.23 skrev Medievalist:

> I can't speak for other people, but the reason I like to have a separate, 
> statically linked Berkeley DB behind my LDAP servers is so that I don't have to 
> micro-manage sysadmins.

> A service which controls system availability should only run with known good 
> tested libraries, and these should not be upgraded unless a security problem is 
> known to exist or an additional function is required.

Agreed. Compile all apps exclusively with static libs (unless there's
some good reason not to - e.g. Apache). Attempt to keep new headers,
libs and dependencies completely separated from old headers, libs and
dependencies (e.g. old prefixes /usr, new prefix /usr/local). Don't
update/upgrade *anything* on a production machine unless there's some
very good reason for doing so (security vulnerability, proven

Judge those other than your vendor's rpms, debs etc. on the supplier's
proved merit.

Thanks Charlie :)



mail: billy - at - billy.demon.nl