|
Message-ID: <20140614171143.GK179@brightrain.aerifal.cx> Date: Sat, 14 Jun 2014 13:11:43 -0400 From: Rich Felker <dalias@...c.org> To: musl@...ts.openwall.com Subject: Re: Binaries compiled with musl (1.1.2) are vulnerable to an ancient ldd exploit On Sat, Jun 14, 2014 at 06:42:56PM +0200, Szabolcs Nagy wrote: > * Steven Honeyman <stevenhoneyman@...il.com> [2014-06-14 17:27:33 +0100]: > > > > If that libc-alpha commit makes it through (eventually!) then agreed, > > this is no longer an issue. > > > > i dont see how this is an issue > > it is simply not the responsibility of musl to fix or > work around such bugs in other projects even if it were > dangerous Indeed, I see the request to "fix" this on musl's side as a request for something that falls midway between security-through-obscurity and DRM. It's not musl's responsibility to make it difficult to write malicious programs any more than it's the compiler's responsibility to do so, and of couse since musl is open source, it's not even possible to actually prevent users from doing so. Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.