The ebuilds present this issue: >scanelf: rpath_security_checks(): Maybe? sec problem with DT_RPATH='libblkmaker/.libs' in /var/tmp/portage/net-misc/bfgminer-2.10.5/image/usr/bin/bfgminer >scanelf: rpath_security_checks(): Maybe? sec problem with DT_RUNPATH='libblkmaker/.libs' in /var/tmp/portage/net-misc/bfgminer-2.10.5/image/usr/bin/bfgminer >scanelf: rpath_security_checks(): Maybe? sec problem with DT_RPATH='libblkmaker/.libs' in /var/tmp/portage/net-misc/bfgminer-2.10.5/image/usr/bin/bfgminer >scanelf: rpath_security_checks(): Maybe? sec problem with DT_RUNPATH='libblkmaker/.libs' in /var/tmp/portage/net-misc/bfgminer-2.10.5/image/usr/bin/bfgminer
I'm proxying for Luke who is aware of the issue. Note: *maybe* a security issue. He wants to keep that in there so you can run bfgminer from the directory in which its compiled and to find the library, you need RPATH. We might remove that by some elf mangling utility when merging to ROOT. Let me think about it.
(In reply to comment #1) > I'm proxying for Luke who is aware of the issue. I noticed that, although the email he has set in the metadata.xml did not appear here on the bugzilla, that's why I was unable to CC him. I saw he had a new email here although I wasn't sure if it was the same person. That's why I waited to see if you'll CC him to remind you if you could change his email to match the one he's currently using here at the bugzilla.
How is this a security (or any) issue?
(In reply to comment #3) > How is this a security (or any) issue? I google for a simple explanation: http://www.globus.org/toolkit/rpaths.html Gentoo is not the only distro that has a policy against it http://wiki.debian.org/RpathIssue
This is no longer an issue in recent ebuilds because we link against a system libblkmaker.
