Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 124962

Summary: rpath behavior changes
Product: Portage Development Reporter: solar (RETIRED) <solar>
Component: CoreAssignee: Portage team <dev-portage>
Severity: normal CC: bfg-dev, koon
Priority: High Keywords: InVCS
Version: 2.1   
Hardware: All   
OS: Linux   
Package list:
Runtime testing required: ---
Attachments: ebuild-rpath.diff

Description solar (RETIRED) gentoo-dev 2006-03-04 09:19:01 UTC
Bug are being filed left and right for rpath security problems but our 
teams seem to be under staffed and the problems are not being addressed
quickly enough.

This bug will serve to track a behavior change in how we deal with those 

When FEATURES=stricter is not set and we encounter an insecure runpath 
we remove it from the offending ELF vs calling an exit. A QA warning
should still be emited. When FEATURES=stricter is set we will continue
to bail.
Comment 1 solar (RETIRED) gentoo-dev 2006-03-04 09:32:25 UTC
Created attachment 81302 [details, diff]

I'm thinking something like this patch
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2006-03-04 13:10:16 UTC
IMHO the QA warning shall be changed so that it doesn't reference bug 81745 but asks to file a bug against the package instead.
Comment 3 solar (RETIRED) gentoo-dev 2006-03-04 13:18:35 UTC
Created attachment 81344 [details, diff]

Updated version.
Comment 4 solar (RETIRED) gentoo-dev 2006-03-05 06:58:06 UTC
Created attachment 81402 [details, diff]

This versions picks up the /var/tmp cases also. (tested on pike)
Comment 5 solar (RETIRED) gentoo-dev 2006-03-05 07:05:25 UTC

This will require the DEPEND in the next portage to be >=pax-utils-0.1.10
Comment 6 Thierry Carrez (RETIRED) gentoo-dev 2006-03-06 09:35:02 UTC
*** Bug 117335 has been marked as a duplicate of this bug. ***
Comment 7 solar (RETIRED) gentoo-dev 2006-03-24 15:17:40 UTC
Backported to portage/main/branches/2.0.54/bin
Comment 8 solar (RETIRED) gentoo-dev 2006-06-13 05:07:31 UTC
This should be closed