-
Notifications
You must be signed in to change notification settings - Fork 12.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
remove usage of absolute rpaths #12754
Conversation
This is the uncontroversial part of the change. I haven't removed the fallback or relative rpaths. |
To be clear, this doesn't remove all absolute rpaths, but only the absolute rpath to the target crate. This leaves the fallback absolute rpath to sysroot - removing that would cause all crates that are moved on disk to break. |
This is a significant security issue as it adds a hidden library path based on the location of the build directory. It is *always* wrong in an installed package, and can be leveraged by an unprivileged user to inject libraries into a binary called by another user or even root. Closes #11746 This is a step towards fixing #11747 but is only a partial solution.
The error is possibly with multi-host cross-compiles. I think there's an option in the makefile to set LD_LIBRARY_PATH when --disable-rpath; that may just need to be always on now. |
This may be able to get by with removing this logic: https://github.com/mozilla/rust/blob/master/mk/main.mk#L345-L355 (removing the condition on |
Closing due to inactivity. |
Concerns have been raised about using absolute rpaths in rust-lang#11746, and this is the first step towards not relying on rpaths at all. The only current use case for an absolute rpath is when a non-installed rust builds an executable that then moves from is built location. The relative rpath back to libstd and absolute rpath to the installation directory still remain (CFG_PREFIX). Closes rust-lang#11746 Rebasing of rust-lang#12754
Concerns have been raised about using absolute rpaths in rust-lang#11746, and this is the first step towards not relying on rpaths at all. The only current use case for an absolute rpath is when a non-installed rust builds an executable that then moves from is built location. The relative rpath back to libstd and absolute rpath to the installation directory still remain (CFG_PREFIX). Closes rust-lang#11746 Rebasing of rust-lang#12754
fix: Fix VSCode status bar tooltip not showing the error messages
This is a significant security issue as it adds a hidden library path
based on the location of the build directory. It is always wrong in an
installed package, and can be leveraged by an unprivileged user to
inject libraries into a binary called by another user or even root.
Closes #11746
This is a step towards fixing #11747 but is only a partial solution.