Dynamic libraries strike again!
With the increased amount of RAM machines have, I always wonder if it’s not just best to statically link everything all the time nowadays.
You risk me agreeing with you and having the prophecies of the end of the world come true with comments such as these. The era of space over time is long done. There are just so many benefits of static linking, such as utilizing runtime analysis across library code, not just, as you rightly imply, reducing attack area.
I am a huge proponent of this, even if I get a lot of grief for it. A good read on the subject is the cat-v dynamic linking page.
Agreed. I would at least reach for static linking over dynamic linking as a first solution, and then only think about supporting dynamic linking if it was proved worthwhile.
But then you lose out on PIE/ASLR, and the next time there’s an OpenSSL or zlib bug, you’ll have to recompile everything on your system that uses those.
Though these days with advanced package management, I’m not sure the latter is such a big deal. The package manager (on OpenBSD at least) knows what binaries are linked to which system and package libraries and which versions of them, so getting those select packages rebuilt and reinstalled wouldn’t be a big deal.