On Fri, 6 Oct 2000 [EMAIL PROTECTED] wrote: > If you want to use rpath then you might want to check it with > somebody with experience in security (Debian security team?),
rpath has some advantages in this case over hardwiring the paths into the executable (for example, you can add paths at runtime with LD_LIBRARY_PATH), but I think this is going to cause too much trouble. > I think one of the arguments was about security. I may be > totally off here, but IIRC rpath also checks an environment > variable and this is considered very insecure. The enviroment is checked at each dlopen() except if the args to dlopen() specify the full path or the program is a setuid application. rpath is no less secure than programs without an rpath, but they help avoid trouble by allowing the user to put libraries specific to a a certain paackage (regina comes to mind :-) ) into a separate subdir and specifying it in the rpath of the regina binaries, so that these programs still find their libraries, but other programs don't. Simon -- GPG public key available from http://phobos.fs.tum.de/pgp/Simon.Richter.asc Fingerprint: A319 A60F 20F6 C8A4 3C86 54B4 99CD AC6E 79D1 B1E7 Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!
