[EMAIL PROTECTED] wrote:
From: Phil Knirsch <[EMAIL PROTECTED]>
net-snmp-5.0.6-libtool.patch Thanks for adding verbiage from the
bug list on this one. Makes it easier for us to choose.
That patch is required because of our buildmethod and having rpaths in
binaries is a very bad idea securitywise (i could elaborate a little
deeper, but trust me on this). You might ignore that patch for upstream,
but in our build environment it's really necessary.
I think not having rpaths is probably good from a security viewpoint, but I
wonder if it would create undo hardship for system administrators.
Any SAs willing to comment on NOT having Rpaths set in Net-SNMP binaries ?
I'd most definitely vote for *keeping* the current RPATH, because it
makes a lot of sense in custom installations (to possibly non-standard
locations) from source. And it easily allows for multiple Net-SNMP
installations on the same box. And it keeps "support costs" for library-
related questions low on net-snmp-users.
However, I agree that RPATHs may not be appropriate in rpm/deb/svr4/...
packages or other environments. Then it'd be up to package maintainers
or SAs to disable it.
Having said that, IMHO it'd be helpful if it'd be easier to switch the
RPATH off during configure, but that will probably have to wait for the
overall "improve build configuration" project.
+Thomas
--
Thomas Anders <[EMAIL PROTECTED]>
-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Net-snmp-coders mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
