> What happens if a setuid/setgid app is talked into loading a malicious
> loader? The hard-coded method is far safer. If you need loaders
> elsewhere, change PACKAGE_LIB_DIR at build time.
Correct me if I am wrong, but exposing an API to change the loader
path will essentially transfer security issues to the client, whom we
assume is aware of the dangers of allowing an arbitrary path :) So,
IMO, exposing an API is not a bad thing (env vars is a different
issue) if there are use cases for it...
Ramkumar.
--
April 1: This is the day upon which we are reminded of
what we are on the other three hundred and sixty-four.
-- Mark Twain, "Pudd'nhead Wilson's Calendar"
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid�0944&bid$1720&dat�1642
_______________________________________________
enlightenment-devel mailing list
enlightenment-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
