[pkg-go] Security support for packages written in Go
Florian Weimer
fw at deneb.enyo.de
Wed Apr 13 05:03:36 UTC 2016
* Michael Hudson-Doyle:
> There is another approach to the static linking issue, which is to
> start using dynamic linking instead. It's implemented upstream for
> most architectures now (only mips64 le/be and ppc64 be missing I
> think). I'm going to be working on starting to use dynamic linking
> during the next cycle of Ubuntu development, and I'd certainly be
> interested in getting it going for Debian too. (the timeframes re:
> stretch release look reasonable for this).
Can you explain a bit more how dynamic linking would help us to
determine what we need to rebuild?
I expect that dynamic linking will complicate matters because we will
have to rebuild library packages in dependency order. I don't see how
Go shared objects can provide a stable ABI.
More information about the Pkg-go-maintainers
mailing list