Hi, Russ Allbery wrote:
> Usually I argue for relaxing it to a should. In this case, I think we can > flesh out the exception somewhat better and preserve the must. > > Binary executables must not be statically linked with the GNU C > library, since this prevents the binary from benefiting from > fixes and improvements to the C library without being rebuilt > and complicates security updates. This requirement may be > relaxed for binary executables whose intended purpose is to > diagnose and fix the system in situations where the GNU C > library may not be usable (such as system recovery shells or > utilities like ldconfig) or for binary executables where the > security benefits of static linking outweigh the drawbacks. Seconded. If the goal is to align with ftpmaster requirements, another possibility is to explicitly say * packages must not install binaries or object files statically linked against glibc unless: * the package has a name ending with -static, * the final has a name ending with -static or .static, or * the package installs a Lintian override file explaining why the statically linked object is needed. I think I prefer your suggestion, though. Thanks, Jonathan -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org