Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 461938

Summary: net-misc/bfgminer-{2.8.7,2.9.4,2.9.7,2.9.10,2.10.2,2.10.5} - scanelf: rpath_security_checks(): Maybe? sec problem with [...]
Product: Gentoo Linux Reporter: Denis M. (Phr33d0m) <god>
Component: Current packagesAssignee: Anthony Basile <blueness>
Status: RESOLVED FIXED    
Severity: normal CC: luke-jr+gentoobugs, proxy-maint
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Denis M. (Phr33d0m) 2013-03-16 17:05:23 UTC 
The ebuilds present this issue:

>scanelf: rpath_security_checks(): Maybe? sec problem with DT_RPATH='libblkmaker/.libs' in /var/tmp/portage/net-misc/bfgminer-2.10.5/image/usr/bin/bfgminer
>scanelf: rpath_security_checks(): Maybe? sec problem with DT_RUNPATH='libblkmaker/.libs' in /var/tmp/portage/net-misc/bfgminer-2.10.5/image/usr/bin/bfgminer
>scanelf: rpath_security_checks(): Maybe? sec problem with DT_RPATH='libblkmaker/.libs' in /var/tmp/portage/net-misc/bfgminer-2.10.5/image/usr/bin/bfgminer
>scanelf: rpath_security_checks(): Maybe? sec problem with DT_RUNPATH='libblkmaker/.libs' in /var/tmp/portage/net-misc/bfgminer-2.10.5/image/usr/bin/bfgminer
Comment 1 Anthony Basile gentoo-dev 2013-03-16 17:29:35 UTC 
I'm proxying for Luke who is aware of the issue.  Note: *maybe* a security issue.  He wants to keep that in there so you can run bfgminer from the directory in which its compiled and to find the library, you need RPATH.  We might remove that by some elf mangling utility when merging to ROOT.  Let me think about it.
Comment 2 Denis M. (Phr33d0m) 2013-03-16 17:32:55 UTC 
(In reply to comment #1)
> I'm proxying for Luke who is aware of the issue.
I noticed that, although the email he has set in the metadata.xml did not appear here on the bugzilla, that's why I was unable to CC him. I saw he had a new email here although I wasn't sure if it was the same person.

That's why I waited to see if you'll CC him to remind you if you could change his email to match the one he's currently using here at the bugzilla.
Comment 3 Luke-Jr 2013-03-16 17:39:06 UTC 
How is this a security (or any) issue?
Comment 4 Anthony Basile gentoo-dev 2013-03-16 23:20:45 UTC 
(In reply to comment #3)
> How is this a security (or any) issue?

I google for a simple explanation:

    http://www.globus.org/toolkit/rpaths.html

Gentoo is not the only distro that has a policy against it

    http://wiki.debian.org/RpathIssue
Comment 5 Anthony Basile gentoo-dev 2014-07-07 22:16:18 UTC 
This is no longer an issue in recent ebuilds because we link against a system libblkmaker.