[Proposal] binaries must not have rpath outside /usr/lib/<dir>/

To: debian-policy@lists.debian.org
Subject: [Proposal] binaries must not have rpath outside /usr/lib/<dir>/
From: Bill Allombert <allomber@math.u-bordeaux.fr>
Date: Mon, 28 Nov 2005 18:29:57 +0100
Message-id: <20051128172957.GJ7555@seventeen>
Mail-followup-to: debian-policy@lists.debian.org

Hello Debian-policy,

I would propose to forbid improper rpath in binaries.

Looking here I see 3 cases:

<http://lintian.debian.org/reports/Tbinary-or-shlib-defines-rpath.html>

1) rpath to /usr/lib/<dir>/: this is probably OK at least if the
libraries in  /usr/lib/<dir>/ are shipped in the same package
(10.2. par 6-7).

2) rpath to /usr/lib and to /usr/X11R6/lib: this is useless and can
cause problem we move /usr/X11R6/lib to /usr/lib or /usr/lib to /lib
(hurd). This has been deprecated since the libc6 transition.

3) rpath to the build environment: this can be a security hole on
a system where per chance the path lead to a user writable directory.

So I would propose for policy explicitly forbid 2) and 3).

Opinions ?

Cheers,
-- 
Bill. <ballombe@debian.org>

Imagine a large red swirl here.

Reply to:

Follow-Ups:
- Re: [Proposal] binaries must not have rpath outside /usr/lib/<dir>/
  - From: md@Linux.IT (Marco d'Itri)
- Re: [Proposal] binaries must not have rpath outside /usr/lib/<dir>/
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: [Proposal] binaries must not have rpath outside /usr/lib/<dir>/
  - From: Ian Jackson <ian@davenant.greenend.org.uk>

Prev by Date: Mailing list vs. real person name in debian/changelog entries
Next by Date: Re: [Proposal] binaries must not have rpath outside /usr/lib/<dir>/
Previous by thread: Mailing list vs. real person name in debian/changelog entries
Next by thread: Re: [Proposal] binaries must not have rpath outside /usr/lib/<dir>/
Index(es):
- Date
- Thread