control: retitle -1 ld-linux.so fails to expand relative RPATH when /proc is not mounted control: tag -1 - security
Hi, On 2015-05-30 18:56, Helmut Grohne wrote: > Control: severity -1 wishlist > Control: reassign -1 libc6 > Control: retitle -1 ld-linux.so loads libraries from . when /proc is not > mounted > Control: affects -1 + ghc > Control: summary -1 0 > > When /proc is not mounted, a relative RPATH causes ld-linux.so to fall > back to using the working directory as the base directory for RPATH > resolution instead of using the (unknown) location of the executed > binary. This issue is hard to diagnose, because the error message does > not make it clear that fallback code is in use due to readlink > /proc/self/exe failing. Furthermore, it may pose a security risk by > loading libraries from unintended locations. The fact that it replaces $ORIGIN by the current directory when /proc is not mounted is one part of the issue. It has already been tracked and fixed in #884615. > On Sat, May 30, 2015 at 11:54:26AM -0400, Joey Hess wrote: > > Sorry, I meant the linker should be fixed, not ghc. > > Let's codify that in the bts. > > Steps to reproduce (for glibc maintainers): > > Create an unstable chroot. Install ghc. Do not mount /proc in that > chroot. Execute /usr/bin/ghc. You shall see that it fails loading > libraries. > > I assume that any binary with a relative RPATH is affected. This is the second part of the issue. The dynamic loader has no way to find the location of the binary without a mounted /proc, that's why it fails to find the GHC libraries. Retitling / tagging the bug accordingly. Regards, Aurelien -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurel...@aurel32.net http://www.aurel32.net