On 6/15/05, Russ Allbery <[EMAIL PROTECTED]> wrote: > Ian Campbell <[EMAIL PROTECTED]> writes: > > > I might be talking out of my arse (99% probability ;-)) but I thought > > I'd heard that it was possible to store the pre-linking information > > separately to the binaries, under /var/cache or something for example. > > > Am/was I imagining things? > > One of the points of the md5sum verification is to ensure that the > binaries haven't been tampered with. If one can tamper with the binaries > by modifying some file in /var/cache instead, doesn't that just > reintroduce the same problem?
But it leaves the choice of using prelinking to the user instead of 'forcing' the entire system to use it.