On Tue, 01 Sep 2009, Clint Adams wrote: > On Tue, Sep 01, 2009 at 12:24:23AM -0400, Yaroslav Halchenko wrote: > > do you mean that executables with any capabilities (or even just > > cap_sys_nice) set are considered insecure and LD_PRELOAD is explicitly > > disallowed so LD_PRELOAD of fakeroot library fails?
> Yes, it is the same as with setuid/setgid programs. The point is > that otherwise you could make a preload library to exploit any > capability by subverting one of the functions used by a privileged > binary. > I'm not sure how fakeroot-ng interacts with capabilities, but > perhaps it is more suitable for your use case. hm... it seems to be doing find: $> fakeroot python --version ERROR: ld.so: object 'libfakeroot-sysv.so' from LD_PRELOAD cannot be preloaded: ignored. Python 2.5.4 $> fakeroot-ng python --version Python 2.5.4 cool -- thanks for the hint... seems to remain working fine within dpkg-buildpackage ;) I just wonder now what to do with the bug -- apparently it is a feature ;) but may be error message could be made more informative/relevant? -- .-. =------------------------------ /v\ ----------------------------= Keep in touch // \\ (yoh@|www.)onerussian.com Yaroslav Halchenko /( )\ ICQ#: 60653192 Linux User ^^-^^ [175555] -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org