On 2016-05-10 14:41, Vincent Lefevre wrote:
On 2016-05-10 13:41:14 +0200, Christian Seiler wrote:
Yes, so the problem is that gtk3-nocsd sets
LD_PRELOAD=libgtk3-noscd.so.0.
That means that ld.so tries to preload the library - and there's currently
no way of telling ld.so to not print an error and simply ignore an entry
in LD_PRELOAD if it can't load it. (And you only have the amd64 version
installed.)
This would have been the best solution
I agree. Maybe I should open a bug report against libc...
(For this reason the library is installed as mode 4644, to make ld.so
preload it even if the binary is setuid/setgid/has fscaps, otherwise you'd
get the same message every time you type 'ping' or 'su'. See the lintian
overrides of the package.)
Couldn't this be a security issue in case there is a potential bug in
gtk3-nocsd, just to avoid an error message?
In principle, yes. However, I did carefully think about the consequences,
and for there to be a security issue would mean that the called binary
needs to load a shared library with a symbol with the same name as those
that gtk3-nocsd exports, and the user needs to be able to influence the
code that calls that function to pass it some weird input AND there has to
be a bug in gtk3-nocsd that is exploitable. I'm not saying that there's no
risk to it, but the attack surface is really low here, compared to a lot
of other stuff that can go wrong in privileged programs. (Especially since
the routines that gtk3-nocsd overrides have nothing to do at all with user
input.)
Perhaps in the long term,
ld.so should provide a way to avoid error messages due to non-matching
permissions or ELF class.
Yes. And not only for permissions, I'd really like to have something like
"please try this. If it doesn't work, don't worry, just continue, don't
say anything".
Perhaps provide a 32-bit library for the amd64 package? But one should
still make sure that packages in both arch are coinstallable.
I'm not a fan of special-casing amd64/i386 here, because on ARM you'll
easily have the same issue (e.g. arm64 system with some 32bit armhf
binaries) in principle. (Although I don't know if arm64 has multilib or
only supports real multiarch.)
If there is no good solution, some note should be added to the
/usr/share/doc/gtk3-nocsd/README.Debian file, hoping that if the
user gets the error message, he would look at this file.
Yes, I'll definitely add a note there.
Regards,
Christian
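
An added example, not part of the original mail or of gtk3-nocsd: per ld.so(8), in secure-execution mode the loader honours only LD_PRELOAD entries without slashes that resolve to a set-user-ID file in a standard search directory, which is what the mode 4644 above relies on. The shell functions below audit which libraries and which LD_PRELOAD entries qualify; the function names and the default directory list (Debian multiarch layout) are assumptions.

```shell
#!/bin/sh
# Added example: audit shared objects that ld.so would still preload into
# setuid/setgid/fscaps binaries (secure-execution mode).

# list_suid_libs DIR...: print every regular *.so* file under the given
# directories that carries the set-user-ID bit, one path per line, sorted.
list_suid_libs() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        find "$dir" -type f -name '*.so*' -perm -4000 -print 2>/dev/null
    done | sort
}

# preload_entries VALUE: split an LD_PRELOAD value (entries separated by
# colons or spaces) into one entry per line, dropping empty entries.
preload_entries() {
    printf '%s\n' "$1" | tr ': ' '\n\n' | sed '/^$/d'
}

# secure_preload_candidates VALUE DIR...: print the resolved path of each
# entry in VALUE that survives secure-execution filtering: the entry has no
# slash, and a set-user-ID file of that name exists in one of DIR.
secure_preload_candidates() {
    value=$1
    shift
    preload_entries "$value" | while IFS= read -r entry; do
        case $entry in
            */*) continue ;;   # pathnames with slashes are ignored
        esac
        for dir in "$@"; do
            if [ -f "$dir/$entry" ] && [ -u "$dir/$entry" ]; then
                printf '%s\n' "$dir/$entry"
                break
            fi
        done
    done
}

# Report for the current environment. The directory list is an assumption;
# unmatched globs are passed through literally and simply find nothing.
secure_preload_candidates "${LD_PRELOAD:-}" \
    /lib /usr/lib /lib/*-linux-gnu* /usr/lib/*-linux-gnu*
```

Each path reported by `list_suid_libs` is code that can end up running inside privileged processes, so it deserves the same review as the privileged binaries themselves.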