Re: libsafe and Debian installation
On Mon, 2002-04-22 at 12:46, Andrew Suffield wrote:
> On Mon, Apr 22, 2002 at 12:32:54PM -0400, Shaya Potter wrote:
> > Is there any good reason why an install of Debian should not ask the
> > user if they want to install libsafe, and give them reasons why they
> > would want to, and possibly not want to (overhead....)
>
> Because no version of debian will release with it anytime soon;
> thusly, modifying any existing installer to do this would be
> premature.
>
> > There are probably some other packages that also provide some real
> > security, in a very easy to do manner that we should give users the
> > option of using. Just having the package available doesn't make
users
> > aware of it.
> >
> > wondering what other people think,
>
> * #129345: libsafe: breaks libgtk1.3-common postinst
> * #140144: libsafe: Bypassing libsafe format string protection
>
> I think it's buggy.
The first bug is a possible problem. But LD_PRELOAD in general can be
an issue. i.e. using LD_PRELOAD with libgdkxft causes me serious issues
with building X and using imake (xmkmf) in general. Because libgdkxft
breaks Imake for me, does that mean its buggy? I think its more along
the lines of LD_PRELOAD and dynamic loading being buggy. (as at least 2
seperate instances of ld_preload and libdl I now see as causing
problems)
on the 2nd bug, it was an actual bug in the library, that was fixed.
the current version is 2.0-13, the version in debian is 2.0-9 (debian
release -2)
shaya
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: