[cl-debian] Bug#495756: ecl has rpath to insecure location (/tmp/buildd/ecl-0.9j-20080306/build/)

Hi Bill! For the ECL list: this is a 'serious' bug in the Debian BTS [1]. For the reason why rpath is considered harmful by Debian see [2] and [3]. Please don't Cc: me, I read the list. However, please keep the Debian bug cc:ed (no need to subscribe), I set the M-F-T and R-T to both the bug and the mailing list to facilitate the above :-) On Wed, 20 Aug 2008 10:55:51 +0200, Bill Allombert wrote:
Hello Debian Common Lisp Team, ecl includes a ELF file /usr/lib/ecl/asdf.fas with a rpath pointing to /tmp/buildd/ecl-0.9j-20080306/build/.
If I'm not wrong, this is a design decision, which seems to be officially documented at [4]. However, it's strange that the rpath is pointing to /tmp/... and not /usr/lib/ecl/.
This allows an attacker with write access to that directory to add modified libraries which will be loaded when someone else run ecl.
I've added the ECL list to cc:. While I can easily remove the rpath as explained at [3], I'll wait for upstream's voice :-) Thx, bye, Gismo / Luca Footnotes: [1] http://bugs.debian.org/495756 [2] http://people.debian.org/~che/personal/rpath-considered-harmful [3] http://wiki.debian.org/RpathIssue [4] http://thread.gmane.org/gmane.lisp.ecl.general/205/focus=215
participants (1)
-
Luca Capello