[oe] HEADS UP: insane.bbclass will now detect and stop the build on wrong RPATHs.
Justin Patrin
papercrane at gmail.com
Thu Apr 26 18:10:15 UTC 2007
On 4/26/07, Koen Kooi <koen at dominion.kabel.utwente.nl> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Justin Patrin schreef:
> > On 4/26/07, Leon Woestenberg <leon.woestenberg at gmail.com> wrote:
> >> Hello all,
> >>
> >> for those of you using insane.bbclass, it will now correctly detect
> >> wrong RPATH's in shared libraries and fail on them.
> >>
> >> Unfortunately, as we have not fixed wrong RPATH's yet in our shared
> >> library handling, this will cause builds using insane.bbclass to fail.
> >>
> >> See bug #2140.
> >>
> >> I hope to be able to fix the .so RPATH stuff as well, but any help is welcomed.
> >>
> >
> > So what you're saying is that angstrom won't build until the RPATH
> > problems are fixed? Kind of sucks for those users who don't know how
> > to fix the problem. I'd suggest that this be made a warning instead of
> > a failure (or have a conf entry that makes it one or the other).
>
> It is a huge gaping security hole, so it is indeed an error.
>
A "huge gaping security hole" that requires you to download a
malicious ipk with malicious libraries which figures out what your
build path was, then installs those libraries there.
Or you could just download a malicious ipk which overwrites the actual
libraries.
I don't see what's hude or gaping about this.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (Darwin)
>
> iD8DBQFGMOMQMkyGM64RGpERAqoYAKCHCwKJaUuL+1REjY/CRBYMxa7afACfTbs3
> 4ErvVInAL06DjxXwHDTtLb0=
> =sa1b
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Openembedded-devel mailing list
> Openembedded-devel at lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-devel
>
--
Justin Patrin
More information about the Openembedded-devel
mailing list