This is the mail archive of the libc-hacker@sourceware.org mailing list for the glibc project.
Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
On Fri, Dec 10, 2010 at 09:46:10AM +0100, Andreas Schwab wrote: > Ulrich Drepper <drepper@gmail.com> writes: > > > On Thu, Dec 9, 2010 at 09:47, Andreas Schwab <schwab@redhat.com> wrote: > >> 2010-12-09 ?Andreas Schwab ?<schwab@redhat.com> > >> > >> ? ? ? ?* elf/dl-object.c (_dl_new_object): Ignore origin of privileged > >> ? ? ? ?program. > > > > The check should also have a whitelist for programs in > > {,/usr}/lib{,64}, similar to the DSO tests. > > I don't think this is useful. Libraries are not installed alongside > programs and privileged programs can only use $ORIGIN exactly. Well, for some of the iconv modules which use $ORIGIN that is /usr/lib{,64}/gconv and we certainly need to do something about them, either stop using $ORIGIN there, or make $ORIGIN be allowed to /usr/lib{,64}/gconv, etc.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |