Author haubi
Recipients dickdunbar, haubi, loris, nnorwitz, pitrou, sable
Date 2011-02-09.14:49:40
SpamBayes Score 8.30253e-05
Marked as misclassified No
Message-id <1297262981.67.0.197753117819.issue941346@psf.upfronthosting.co.za>
In-reply-to
Content
Sébastien, why did you need to add '-L$(srcdir)' to BLDSHARED in these patches?

As LDLIBRARY points to the immediate file 'libpython$(VERSION).so' instead of '-lpython$(VERSION)', I don't see the need for '-L$(srcdir)' at all.

The problem is that '-L$(srcdir)' adds '$(srcdir)' to the runpath too (as there is no '-blibpath' argument), opening a security hole for libpythonX.Y.so as well as the modules.so.
History
Date User Action Args
2011-02-09 14:49:41haubisetrecipients: + haubi, nnorwitz, pitrou, sable, dickdunbar, loris
2011-02-09 14:49:41haubisetmessageid: <1297262981.67.0.197753117819.issue941346@psf.upfronthosting.co.za>
2011-02-09 14:49:41haubilinkissue941346 messages
2011-02-09 14:49:41haubicreate