Review Rules and staticly linked packages agains dietlibc

[Patrice Dumas]

> Which security issues? Tools in 'ipvsd' are doing only some syscalls
> resp. the (perhaps) exploitable code sits in ipvsd and not in dynamical
> linkable libraries. The 'ipvsd' code itself is so small that it can be

Why couldn't there be an issue with a bug in dietlibc that opens a 
security hole in ipvsd? I haven't read the code, but I can't see how
it is possible.

> No, the choice is between ??? (sorry, I do not have an idea which
> positive property would be brought in by 'glibc' linking) against
> efficiency and building 'ipvsvd' with the tools it was designed for.

You cannot rule out security issues in the library easily as long as
the library is used, and ipvsd is a networking app, so security matters.

I still agree that the increase in efficiency could be worth the risk
of security issues.

--
Pat