Why not statically compiled binaries?

This is a general question I have, but from the point of view of Fedora, what is the issue with providing statically compiled binaries?

Is it because of the size or is it due to software issues that arise later?

The “source of truth” would be the likely answer. By building from source, the code is auditable by all. Basically it is the chain of trust you’re building to show that what you say the software is, is just that.

The main problem is that if you statically link everything then as soon as there’s a security issue in something like zlib you have to rebuild half the distribution.

2 Likes

There are pros and cons with static compiling.
Static compiled binaries are larger – that is a given.
If a user has many static compiled binaries installed then it may make a significant difference in size of the overall OS.
Static compiled libraries may not take advantage of improvements in the functions of supporting libraries, and if those improvements are bug fixes, then the binary must be recompiled to fix the included bugs.

Static compiled binaries may work even if the libraries they use are updated and become incompatible – which is a rarity.
Static compiled binaries may work even on an OS that does not have the supporting libraries installed.
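The zlib point raised in the thread can be checked per binary. The following is an added example, not part of the original posts: it reads the `DT_NEEDED` entries of an ELF file, which name the shared libraries it loads at run time and would therefore pick up a library update without a rebuild. The function names and the constructed sample image are assumptions, only ELF64 little-endian is handled, and an empty result does not say which libraries were compiled in.

```python
import struct

PT_LOAD, PT_DYNAMIC = 1, 2
DT_NULL, DT_NEEDED, DT_STRTAB = 0, 1, 5

def needed_libraries(elf: bytes) -> list:
    """DT_NEEDED names of an ELF64 little-endian image; [] means no shared libraries."""
    if elf[:6] != b"\x7fELF\x02\x01":
        raise ValueError("this example handles ELF64 little-endian only")
    phoff, _, _, _, phentsize, phnum = struct.unpack_from("<QQIHHH", elf, 0x20)
    loads, dyn = [], (0, 0)
    for i in range(phnum):
        p_type, _, off, vaddr, _, filesz = struct.unpack_from("<IIQQQQ", elf, phoff + i * phentsize)
        if p_type == PT_LOAD:
            loads.append((vaddr, off, filesz))
        elif p_type == PT_DYNAMIC:
            dyn = (off, filesz)
    needed, strtab = [], None
    for pos in range(dyn[0], dyn[0] + dyn[1], 16):
        tag, val = struct.unpack_from("<qQ", elf, pos)
        if tag == DT_NULL:
            break
        if tag == DT_NEEDED:
            needed.append(val)
        elif tag == DT_STRTAB:
            strtab = val
    if not needed:
        return []  # fully static, or static-PIE (PT_DYNAMIC without DT_NEEDED)
    # DT_STRTAB holds a virtual address; map it to a file offset through PT_LOAD.
    base = next((o + strtab - v for v, o, s in loads if strtab is not None and v <= strtab < v + s), None)
    if base is None:
        raise ValueError("DT_STRTAB is not inside any PT_LOAD segment")
    return [elf[base + n:elf.index(b"\0", base + n)].decode() for n in needed]

def build_sample(libs, va=0x400000):  # constructed header-only image, not a runnable program
    strtab, offs = b"\0", []
    for name in libs:
        offs.append(len(strtab))
        strtab += name.encode() + b"\0"
    phnum = 2 if libs else 1
    dyn_off = 64 + 56 * phnum
    dyn = b"".join(struct.pack("<qQ", DT_NEEDED, o) for o in offs)
    dyn += struct.pack("<qQqQ", DT_STRTAB, va + dyn_off + len(dyn) + 32, DT_NULL, 0)
    body = dyn + strtab if libs else b""
    out = struct.pack("<16sHHIQQQIHHHHHH", b"\x7fELF\x02\x01\x01", 2, 62, 1, va, 64, 0, 0, 64, 56, phnum, 0, 0, 0)
    out += struct.pack("<IIQQQQQQ", PT_LOAD, 5, 0, va, va, dyn_off + len(body), dyn_off + len(body), 0x1000)
    if libs:
        out += struct.pack("<IIQQQQQQ", PT_DYNAMIC, 6, dyn_off, va + dyn_off, va + dyn_off, len(dyn), len(dyn), 8)
    return out + body
```

To inspect a real file, pass its bytes in, for example `needed_libraries(open(path, "rb").read())`.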