This is the mail archive of the libc-hacker@sourceware.org mailing list for the glibc project.
Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
| Other format: | [Raw text] | |
On Fri, Dec 10, 2010 at 09:46:10AM +0100, Andreas Schwab wrote:
> Ulrich Drepper <drepper@gmail.com> writes:
>
> > On Thu, Dec 9, 2010 at 09:47, Andreas Schwab <schwab@redhat.com> wrote:
> >> 2010-12-09 ?Andreas Schwab ?<schwab@redhat.com>
> >>
> >> ? ? ? ?* elf/dl-object.c (_dl_new_object): Ignore origin of privileged
> >> ? ? ? ?program.
> >
> > The check should also have a whitelist for programs in
> > {,/usr}/lib{,64}, similar to the DSO tests.
>
> I don't think this is useful. Libraries are not installed alongside
> programs and privileged programs can only use $ORIGIN exactly.
Well, for some of the iconv modules which use $ORIGIN that is
/usr/lib{,64}/gconv and we certainly need to do something about them,
either stop using $ORIGIN there, or make $ORIGIN be allowed to
/usr/lib{,64}/gconv, etc.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |