Re: first draft of "relocatable" module

[Ralf Wildenhues]

* Ben Pfaff wrote on Sun, Mar 04, 2007 at 09:29:53PM CET:
> Bruno Haible <address@hidden> writes: 
>
> > If we recommend to use
> >
> >     ./configure --enable-relocatable --prefix=/etc
> >     make
> >     make install DESTDIR=/tmp/inst$$
> >
> > then there should not be a security problem any more, right? 
>
> I tend to just use --prefix=$HOME/inst$$.

FWIW, I like that better, too.  Or use some other path that only root
can write to, like /opt or /nonexistent. 

> > > That's a trivial attack on the systems where run path overrides the
> > > shared library path variable.

> > Thanks for explaining. It's not trivial - you have to know a bit about
> > LD_LIBRARY_PATH, -rpath, LD_RUN_PATH and the like, in order to understand it.

Yeah, I meant, once you've understood it, it's trivial to implement.
Sorry, upon rereading I have certainly communicated this poorly. 

Cheers,
Ralf