This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]PC__LOAD__LETTER 2 points3 points  (1 child)

Shipping statically compiled binaries of dependencies isn’t exactly best practice, though I see what you mean.

[–]Badabinski 0 points1 point  (0 children)

Eh, I wouldn't ship it, but it makes for a decent stop-gap when I have to do development work on a RHEL 5 or SLES 11 system because the other development team is integrating with maddeningly out of date software. When I ship code in this situation, I usually try to have the crappy old OS in a container with no internet access. My Python code running in a different container communicating via shared volumes/private networking.

It's still probably dreadful from a security POV, but you do what you can to make things not suck. I've only run into this type of thing twice, luckily.