>> > Having apps that can't be tricked into downloading random DLLs from
>> > strange websites would certainly be a good thing ;-)
>> Upgrade to a sane system, like GNU/Linux and all your apps will be fixed
>> in one fell swoop,
> "if they were built with a sane rpath".
AFAIK, that's usually the case under most GNU/Linux distributions.
> Which is the whole point of the advisory: if you build applications wrongly,
> they will become vulnerable.
Yes, but those risks with rpath and friends have been known for a very
long time under unixy systems and have been taken fairly seriously, so
it's rather rare to find a vulnerable package in my experience (e.g.
I have never seen current-directory in the rpath).
Stefan
