Re: RT linker, rpath and security

To: tech-toolchain%netbsd.org@localhost
Subject: Re: RT linker, rpath and security
From: tlaronde%polynum.com@localhost
Date: Thu, 11 May 2023 15:36:32 +0200

Le Thu, May 11, 2023 at 03:11:41PM +0200, Joerg Sonnenberger a écrit :
> Am Thu, May 11, 2023 at 08:09:30AM +0200 schrieb tlaronde%polynum.com@localhost:
> > Isn't it the way a run time linker uses rpath search path a security
> > risk?
> 
> You found the reason why many of us object to the use of $ORIGIN. The
> rpath we build into libraries is explicit and at least pkgsrc will also
> sanity check the list. Unlike e.g. Windows, the default is to not
> include $PWD.

This (for pkgsrc), I didn't know and is reassuring.

But I will look also at what has passed Rhialto about "lengthening" the
library names by specifying a pathname instead of relying only on
a soname.
-- 
        Thierry Laronde <tlaronde +AT+ polynum +dot+ com>
                     http://www.kergis.com/
                    http://kertex.kergis.com/
Key fingerprint = 0FF7 E906 FBAF FE95 FD89  250D 52B1 AE95 6006 F40C

References:
- RT linker, rpath and security
  - From: tlaronde
- Re: RT linker, rpath and security
  - From: Joerg Sonnenberger

Prev by Date: Re: RT linker, rpath and security
Next by Date: Re: RT linker, rpath and security
Previous by Thread: Re: RT linker, rpath and security
Indexes:

Home | Main Index | Thread Index | Old Index