Use DT_RUNPATH over DT_RPATH. If DT_RUNPATH is present, LD_LIBRARY_PATH is
searched before
DT_RUNPATH, Search order is DT_RPATH then LD_LIBRARY_PATH then
DT_RUNPATH, this order ensures that injecting
malicious shared objects is way harder with DT_RUNPATH.
This is now default on major linux distributions already
Signed-off-by: Khem Raj <raj.k...@gmail.com>
---
meta/recipes-devtools/binutils/binutils.inc | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-devtools/binutils/binutils.inc
b/meta/recipes-devtools/binutils/binutils.inc
index b2dbf241df..c69d29448f 100644
--- a/meta/recipes-devtools/binutils/binutils.inc
+++ b/meta/recipes-devtools/binutils/binutils.inc
@@ -96,6 +96,7 @@ EXTRA_OECONF = "--program-prefix=${TARGET_PREFIX} \
--disable-werror \
--enable-deterministic-archives \
--enable-plugins \
+ --enable-new-dtags \
--disable-gdb \
--disable-gdbserver \
--disable-libdecnumber \
--
2.39.2
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#177602):
https://lists.openembedded.org/g/openembedded-core/message/177602
Mute This Topic: https://lists.openembedded.org/mt/97178429/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
