[arch-general] what about ELF rpath in Arch Linux?
Allan McRae
allan at archlinux.org
Fri Mar 20 11:43:20 EDT 2009
Gerardo Exequiel Pozzi wrote:
> Hi,
>
> (first: sorry my very bad english)
>
> I see that many executables and libraries in Arch Linux don't take care
> about rpath in package creation step.
>
<snip>
So here is what gentoo does:
f=$(scanelf -qyRF '%r %p' "${D}" | grep -E
"(${PORTAGE_BUILDDIR}|: |::|^ )")
if [[ -n ${f} ]] ; then
echo -ne '\a\n'
echo "QA Notice: the following files contain insecure RUNPATH's"
echo " Please file a bug about this at http://bugs.gentoo.org/"
echo " For more information on this issue, kindly review:"
echo " http://bugs.gentoo.org/81745"
echo "${f}"
echo -ne '\a\n'
die "Insecure binaries detected"
fi
I think this should be a namcap check rather than have makepkg
automatically adjust these - although I could be convinced otherwise.
Sacnning my computer with readelf, I found a few other packages that
this effects. There are also plenty of "Library rpath: [$ORIGIN]" which
I am not sure if is bad...
Anyway, it would be good if you could open a bug report about this.
Allan
More information about the arch-general
mailing list