On Fri, Dec 19, 2014 at 11:49:49PM +0100, Martin Carpenter wrote:
Package: debian-policy
Severity: important
Tags: patch
Dear Maintainer,
The existing policy does not specify that the RPATH or RUNPATH (if
present) should not contain relative paths or paths that traverse
dangerous (eg
On Sat, 2014-12-20 at 02:10 -0200, Henrique de Moraes Holschuh wrote:
IMHO, the suggested wording does get the point across that whomever wants to
use RPATH/RUNPATH must be prepared to defend its use with strong technical
reasons.
Exactly. Without it I was concerned this would tacitly condone
On Sun, 21 Dec 2014, Martin Carpenter wrote:
Packages are not allowed to create *and* execute libraries or executables
with unsafe RPATH or RUNPATH at any time, not even during their build
process.
But actually Package maintainers should not make or run dangerous
stuff? Agreed -- and
Package: debian-policy
Severity: important
Tags: patch
Dear Maintainer,
The existing policy does not specify that the RPATH or RUNPATH (if
present) should not contain relative paths or paths that traverse
dangerous (eg world writable) directories. There is some discussion
of this on the
Hi,
Martin Carpenter wrote:
8.7 RUNPATH and RPATH
Libraries and executables should not define RPATH or RUNPATH unless
absolutely necessary.
This part seems vague to me --- if a project relies on RUNPATH but could
be modified to avoid relying on it, is today's use of RUNPATH absolutely
On Fri, 19 Dec 2014, Jonathan Nieder wrote:
8.7 RUNPATH and RPATH
Libraries and executables should not define RPATH or RUNPATH unless
absolutely necessary.
This part seems vague to me --- if a project relies on RUNPATH but could
be modified to avoid relying on it, is today's use of
6 matches
Mail list logo