[tor-dev] [Proposal] A simple way to make Tor-Browser-Bundle more portable and secure

Ivan Markin twim at riseup.net
Sun Oct 30 18:51:00 UTC 2016


Yawning Angel:
> Having to rebuild the browser when the libc needs to be updated seems
> terrible as well.

Why is it terrible?
Using static linking drastically reduces overall *complexity*
(~1/security). If you do use libc code in your stuff then it's a part of
this stuff.  If there is a bug in libc - just rebuild your broken
software. It either works or not. Doing dynamic linking is leaving it in
superposition state.

I consider having the browser that builds for >30m is way more terrible.

From
https://wayback.archive.org/web/20090525150626/http://blog.garbe.us/2008/02/08/01_Static_linking/
:

> I prefer static linking:

> Executing statically linked executables is much faster, because there
> are no expensive shared object lookups during exec().
> 
> Statically linked executables are portable, long lasting and fail
> safe to ABI changes -- they will run on the same architecture even in
> 10 years time. Never expect errors like
> /lib/ssa/libstdc++.so.6:version 'GLIBCXX_3.4.4' not found again.
> 
> Statically linked executables use less disk space. Most executables
> use only a small subset of the functions provided by a static library
> -- so there is absolutely no reason to link complete static libraries
> into a static executable (e.g. spoken for a hello_world.c you only
> need to link vprintf statically into the executable, not the whole
> static libc!). The contrary is true for dynamic libraries -- you
> always use the whole library, regardless what functions you are
> using.
> 
> Statically linked executables consume less memory because their
> binary size is smaller and they only map the functions they depend on
> into memory (contrary to dynamic libs).
> 
> The reason why dynamic linking has been invented was not to decrease
> the general executable sizes or to save memory consumption, or to
> speed up the exec() -- but to allow changing code during runtime --
> and that's the real purpose of dynamic linking, we shouldn't forget
> that.

--
Ivan Markin


More information about the tor-dev mailing list