> On 3 Apr 2024, at 09:13, Alvaro Herrera <alvhe...@alvh.no-ip.org> wrote: > > On 2024-Apr-02, David E. Wheeler wrote: > >> That quotation comes from this Debian patch[2] maintained by Christoph >> Berg. I’d like to formally propose integrating this patch into the >> core. And not only because it’s overhead for package maintainers like >> Christoph, but because a number of use cases have emerged since we >> originally discussed something like this back in 2013[3]: > > I support the idea of there being a second location from where to load > shared libraries
Agreed, the case made upthread that installing an extension breaks the app signing seems like a compelling reason to do this. The implementation of this need to make sure the directory is properly set up however to avoid similar problems that CVE 2019-10211 showed. -- Daniel Gustafsson
