This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/11643] ldopen failing with relative path ($ORIGIN) when a capability is set
- From: "pasky at suse dot cz" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: 31 May 2010 17:13:08 -0000
- Subject: [Bug libc/11643] ldopen failing with relative path ($ORIGIN) when a capability is set
- References: <20100528162846.11643.bugeaud@gmail.com>
- Reply-to: sourceware-bugzilla at sourceware dot org
------- Additional Comments From pasky at suse dot cz 2010-05-31 17:13 -------
Roland's point is that bugzilla is for actual bugs, this is not an obvious bug
more of a discussion point; if you'd have questions about it, you should ask at
libc-help.
(Before you do that, consider that AT_SECURE is set by the kernel when the
process has more privileges than the user starting it, and thus means for the
user to plug in custom code to the process context should be limited - more
privileges does not just mean "superuser", the whole point of capabilities is
that specific privileges can be abused as well. The moment you allow $ORIGIN for
a process with a certain capability, it's just as if you'd simply give all users
on the system the capability right away.)
--
http://sourceware.org/bugzilla/show_bug.cgi?id=11643
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.