Joel_Mckay 3 days ago

People often started here:

https://tldp.org/HOWTO/Program-Library-HOWTO/shared-librarie...

Getting into why the community argued for years while Debian brought up deb version controlled packaging is a long dramatic conversation. Some people liked their tar ball mystery binaries, and the .so library trend started more as a contest to see how much people could squeeze out of a resource constrained machine.

In a single unique application running context, the power of a cached .so reference count is less relevant. As a program built with .so may re-use many resources other programs or itself likely already loaded.

> ldd --verbose /usr/bin/bash

> ldd --verbose /usr/bin/cat

Containerization or sand-boxing is practically meaningless when punching holes for GPU, Network, media and HMI devices. Best of luck =3

akimbostrawman 2 days ago | parent [-]

>Containerization or sand-boxing is practically meaningless when punching holes for GPU, Network, media and HMI devices

Many applications don't need these permissions and even the ones that do will be much more secure than having full user space access by default.

Someone could exploit the system to gain more access vs someone does not need to do anything because they have full access by default. It's like arguing you don't need a root password because sudo is insecure anyway.

Joel_Mckay 2 days ago | parent [-]

Not really, if some noob deploys janky code they don't understand, then someone will eventually worm it for sure. Containerization has not prevented an uptick in nuisance traffic from Cloud providers, but made it orders of magnitude worse.

Qubes, Gentoo, and FreeBSD are all a better place to start if you are interested in this sort of research. Best of luck =3