Message 128214 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	haubi
Recipients	dickdunbar, haubi, loris, nnorwitz, pitrou, sable
Date	2011-02-09.14:49:40
SpamBayes Score	8.302529e-05
Marked as misclassified	No
Message-id	<1297262981.67.0.197753117819.issue941346@psf.upfronthosting.co.za>
In-reply-to

Content
Sébastien, why did you need to add '-L$(srcdir)' to BLDSHARED in these patches? As LDLIBRARY points to the immediate file 'libpython$(VERSION).so' instead of '-lpython$(VERSION)', I don't see the need for '-L$(srcdir)' at all. The problem is that '-L$(srcdir)' adds '$(srcdir)' to the runpath too (as there is no '-blibpath' argument), opening a security hole for libpythonX.Y.so as well as the modules.so.

Sébastien, why did you need to add '-L$(srcdir)' to BLDSHARED in these patches?

As LDLIBRARY points to the immediate file 'libpython$(VERSION).so' instead of '-lpython$(VERSION)', I don't see the need for '-L$(srcdir)' at all.

The problem is that '-L$(srcdir)' adds '$(srcdir)' to the runpath too (as there is no '-blibpath' argument), opening a security hole for libpythonX.Y.so as well as the modules.so.

History
Date	User	Action	Args
2011-02-09 14:49:41	haubi	set	recipients: + haubi, nnorwitz, pitrou, sable, dickdunbar, loris
2011-02-09 14:49:41	haubi	set	messageid: <1297262981.67.0.197753117819.issue941346@psf.upfronthosting.co.za>
2011-02-09 14:49:41	haubi	link	issue941346 messages
2011-02-09 14:49:41	haubi	create