[pkg-go] Security support for packages written in Go

[Florian Weimer]

* Tim Potter:

> Hi everyone.  I've done a small amount of research into the
> buildmode=c-shared and the dynlink option and they look good on
> paper.  Has anyone examined these options more seriously?

I think structure sizes and field offsets still leak across shared
object boundaries (probably among other things).  This is no different
from C or C++, but I would not expect that Go developers (beyond the
runtime itself) consider these issues when making changes.  As a
result, shared objects only make the rebuild requirement only more
urgent.