1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-dev] executable libraries
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20executable%20libraries&In-Reply-To=%3C4F521271.6010001%40gmail.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="012535.html">
<LINK REL="Next" HREF="012899.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-dev] executable libraries</H1>
<B>Guillaume Rousse</B>
<A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20executable%20libraries&In-Reply-To=%3C4F521271.6010001%40gmail.com%3E"
TITLE="[Mageia-dev] executable libraries">guillomovitch at gmail.com
</A><BR>
<I>Sat Mar 3 13:45:37 CET 2012</I>
<P><UL>
<LI>Previous message: <A HREF="012535.html">[Mageia-dev] executable libraries
</A></li>
<LI>Next message: <A HREF="012899.html">[Mageia-dev] executable libraries
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#12550">[ date ]</a>
<a href="thread.html#12550">[ thread ]</a>
<a href="subject.html#12550">[ subject ]</a>
<a href="author.html#12550">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>Le 02/03/2012 22:01, Per Øyvind Karlsen a écrit :
><i> Den 21:51 2. mars 2012 skrev Maarten Vanraes<<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">alien at rmail.be</A>> følgende:
</I>>><i> Op vrijdag 02 maart 2012 21:29:05 schreef Anssi Hannula:
</I>>>><i> 02.03.2012 21:57, Maarten Vanraes kirjoitti:
</I>>>>><i> Op vrijdag 02 maart 2012 15:22:23 schreef Anssi Hannula:
</I>>>>>><i> 02.03.2012 00:17, Maarten Vanraes kirjoitti:
</I>>>>>>><i> Op donderdag 01 maart 2012 23:05:35 schreef Anssi Hannula:
</I>>>>>>><i> [...]
</I>>>>>>><i>
</I>>>>>>>>><i> does this mean debug info fails for these?
</I>>>>>>>><i>
</I>>>>>>>><i> I'm not immediately sure (I never remember how the debug/stripping
</I>>>>>>>><i> stuff works exactly), but I think either a) debug symbols extraction
</I>>>>>>>><i> and thus -debug packaging, b) stripping, or c) both will fail with
</I>>>>>>>><i> non-executable shared libs.
</I>>>>>>><i>
</I>>>>>>><i> in that case i guess we would need a policy or bs check to make sure we
</I>>>>>>><i> don't fail some libraries debug and strip
</I>>>>>><i>
</I>>>>>><i> Possibly.
</I>>>>>><i>
</I>>>>>><i> Interestingly, Debian policy disallows executable permission on shared
</I>>>>>><i> libs:
</I>>>>>><i> <A HREF="http://www.debian.org/doc/debian-policy/ch-sharedlibs.html#s-sharedlibs-">http://www.debian.org/doc/debian-policy/ch-sharedlibs.html#s-sharedlibs-</A>
</I>>>>>><i> ru ntime
</I>>>>>><i>
</I>>>>>><i> "Shared libraries should not be installed executable, since the dynamic
</I>>>>>><i> linker does not require this and trying to execute a shared library
</I>>>>>><i> usually results in a core dump."
</I>>>>><i>
</I>>>>><i> which is sort of strange, since libc is actually executable by design.
</I>>>>><i>
</I>>>>><i> i see where they are coming from
</I>>>>><i>
</I>>>>><i> but i guess the first part of this is, why is there a find with
</I>>>>><i> executable restrictions for the code relating to stripped binaries and
</I>>>>><i> debug?
</I>>>>><i>
</I>>>>><i> is it because it's also used for real executables?
</I>>>><i>
</I>>>><i> I guess it is there just to speed up the process, otherwise it would
</I>>>><i> have to run 'file' for every file in the package (and many packages have
</I>>>><i> lots of files).
</I>>><i>
</I>>><i> still, it seems kind of weird, there are rpmlint checks for unstripped
</I>>><i> libraries, but i do have 34 libraries not marked as executable, while the
</I>>><i> stripping+ debug seems to target only executables?
</I>>><i>
</I>>><i> i wonder if we should make another check library unset as executable or even
</I>>><i> check what happened with these libraries not marked as executable?
</I>><i> I posted a link to a rpmlint patch implementing such a check to this thread two
</I>><i> hours ago.. :p
</I>I don't much point to a check, when a rpm-helper scriptlet would be able
to automatically enforce any given permission set.
--
Mines are equal opportunity weapons
-- Murphy's Military Laws n°55
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="012535.html">[Mageia-dev] executable libraries
</A></li>
<LI>Next message: <A HREF="012899.html">[Mageia-dev] executable libraries
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#12550">[ date ]</a>
<a href="thread.html#12550">[ thread ]</a>
<a href="subject.html#12550">[ subject ]</a>
<a href="author.html#12550">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
mailing list</a><br>
</body></html>
|