[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Compiling into chroot

From: Bob Friesenhahn
Subject: Re: Compiling into chroot
Date: Thu, 12 Jun 2008 15:27:00 -0500 (CDT)

On Thu, 12 Jun 2008, Alon Bar-Lev wrote:

Because of this configure --prefix=/ is used, so embedded paths will
be relative to root and not directory in host system.
So the only issue is with libtool.

Libtool is not aware of --prefix! It only knows the paths given to it and what it learns from its environment.

This is the simplest, as execution of commands within the chroot is
impossible. As it may be cross compile and target is not operational.

Commands may be executed if the chroot environment is sufficiently updated to make it possible.

As far as I understand, you can add FAKEROOT into each path variable
read from .la files, and removed before writing the .la files. Also
removed from all operations during the finish stage.

How does this mesh with libltdl (which also reads .la files) and test suites? It seems that libltdl would also need to know about FAKEROOT, which results in every application using libltdl responding to FAKEROOT. There may be additional security issues here similar to LD_LIBRARY_PATH, but worse since the compromised application could setenv FAKEROOT before a module is loaded and cause a compromised module/library to be loaded.

But as libtool script is so complex it is very difficult to provide a
solution to outsiders.

A well kept secret is that the libtool maintainers also consider the libtool script to be quite complex. :-)

Bob Friesenhahn
GraphicsMagick Maintainer,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]