shared is ok for now. myself and the team im on like to reduce .so
dependencies so we can just slide the exe anyway.

thanks for the help. it is very appreciated.
Pete

On Sep 5, 2008, at 5:13 PM, Brian Dessent wrote:

> Brian Dessent wrote:
>
>> IIRC pkg-config has a facility to differentiate between the two with
>> e.g. --libs and --static-libs or however they spell it. You should
>> check openssl's .pc file to see if this is setup properly, in
>> which case
>> it should be possible to set LIBS via "pkg-config openssl --static-
>> libs"
>> or however it's spelled.
>
> Well after checking they don't provide this, so never mind. And
> thinking about it, they (i.e. openssl) probably want to discourage
> static linking because it's considered a real faux pas to statically
> link security libraries. The conventional wisdom is that when
> there are
> vulnerabilities in security software you want to have one central copy
> of the (shared) library to upgrade, fixing all apps on the system at
> once. When the library has been statically linked into executables it
> becomes much harder to hunt down all these instances and recompile
> them,
> which effectively means that they are never upgraded and suffer with
> security vulnerabilities into perpetuity.
>
> Brian
Received on 2008-09-05