tech-toolchain archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: RT linker, rpath and security

To: tech-toolchain%netbsd.org@localhost
Subject: Re: RT linker, rpath and security
From: Joerg Sonnenberger <joerg%bec.de@localhost>
Date: Thu, 11 May 2023 15:11:41 +0200

Am Thu, May 11, 2023 at 08:09:30AM +0200 schrieb tlaronde%polynum.com@localhost:
> Isn't it the way a run time linker uses rpath search path a security
> risk?

You found the reason why many of us object to the use of $ORIGIN. The
rpath we build into libraries is explicit and at least pkgsrc will also
sanity check the list. Unlike e.g. Windows, the default is to not
include $PWD.

Joerg

Follow-Ups:
- Re: RT linker, rpath and security
  - From: tlaronde

References:
- RT linker, rpath and security
  - From: tlaronde

Prev by Date: Re: [and paxctl] RT linker, rpath and security
Next by Date: Re: RT linker, rpath and security
Previous by Thread: Re: RT linker, rpath and security
Next by Thread: Re: RT linker, rpath and security
Indexes:

Home | Main Index | Thread Index | Old Index