>> > Having apps that can't be tricked into downloading random DLLs from >> > strange websites would certainly be a good thing ;-) >> Upgrade to a sane system, like GNU/Linux and all your apps will be fixed >> in one fell swoop, > "if they were built with a sane rpath".
AFAIK, that's usually the case under most GNU/Linux distributions. > Which is the whole point of the advisory: if you build applications wrongly, > they will become vulnerable. Yes, but those risks with rpath and friends have been known for a very long time under unixy systems and have been taken fairly seriously, so it's rather rare to find a vulnerable package in my experience (e.g. I have never seen current-directory in the rpath). Stefan