Comment #351
Kaushal Modi wrote
the following reply to
https://scripter.co/nim-deploying-static-binaries/:
> Static linking is terrible for security when software is deployed by users or other organizations.
Yes. I understand the security risk. There's a bit more involved discussion on [the HN thread for this post](https://news.ycombinator.com/item?id=18055337).
> Or developers leave. Or in many other conditions.
It's not clear what developers leaving have to do with the security.
I want my Nim apps to be able to be simply downloaded, extracted and run. I see that a lot of apps from different languages have been doing this successfully for years. So I might just take this risk.
The security concern is valid and I will add a note in the installation instructions on how to build them locally if they don't want to download the static binary.
Reply to this comment