
#2 Security warnings under Gentoo

open
nobody
None
5
2012-09-14
2010-04-14
tkzv
No

When compiling clunk under Gentoo, I get multiple security warnings about libclunk.so.

The ebuild from http://www.linux.org.ru/jump-message.jsp?msgid=4771325&cid=4772237 essentially downloads source from SVN, calls scons and installs libclunk.so to /usr/lib. In the process it checks the internals of libclunk.so and reports this:

scanelf: rpath_security_checks(): Security problem with relative DT_RPATH '.' in /var/tmp/portage/media-libs/clunk-9999/image/usr/lib64/libclunk.so
scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH '.' in /var/tmp/portage/media-libs/clunk-9999/image/usr/lib64/libclunk.so
scanelf: rpath_security_checks(): Security problem with relative DT_RPATH '.' in /var/tmp/portage/media-libs/clunk-9999/image/usr/lib64/libclunk.so
scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH '.' in /var/tmp/portage/media-libs/clunk-9999/image/usr/lib64/libclunk.so

As far as I understand, if RPATH in an ELF file is set to '.' it is considered a vulnerability. Most other libraries don't have it set.

Discussion

  • Vladimir Menshakov

    It is not required for clunk to have rpath=.; we set it in the scons file only for local developer builds. If you need a system-wide install, you need to pass prefix=/ and other scons options. Please check the recent sources; it has been ported to cmake.

     
  • Vladimir Menshakov

    Sorry, I got it! :) Please update from svn and use cmake for building/installing it.
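
An added example, not part of the original thread or of clunk's or Gentoo's code: a small checker that reads `readelf -d` output and flags DT_RPATH/DT_RUNPATH entries that resolve against the current working directory, the condition scanelf reports above. The sample readelf output is constructed, and treating `$ORIGIN` entries as acceptable and empty entries as the current directory are assumptions of this example.

```python
import re

# Constructed sample of `readelf -d` output for a library built with rpath '.'.
SAMPLE_READELF = """\
Dynamic section at offset 0x2e00 contains 27 entries:
  Tag        Type                         Name/Value
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
 0x000000000000000e (SONAME)             Library soname: [libclunk.so]
 0x000000000000000f (RPATH)              Library rpath: [.]
 0x000000000000001d (RUNPATH)            Library runpath: [.]
"""

# Matches the RPATH and RUNPATH rows and captures the bracketed search path.
ENTRY_RE = re.compile(r"\((RPATH|RUNPATH)\)\s+Library r(?:un)?path: \[(.*)\]")


def classify(entry):
    """Return None if a search-path entry is acceptable, else a reason string."""
    if entry == "":
        # Assumption of this example: an empty entry means the current directory.
        return "empty entry (treated as the current directory)"
    if entry.startswith("/"):
        return None  # absolute path
    if entry.startswith(("$ORIGIN", "${ORIGIN}")):
        return None  # relative to the object's own location, not the CWD
    return "relative path (resolved against the current directory)"


def find_insecure_rpaths(readelf_output):
    """Return (tag, entry, reason) for every CWD-dependent search-path entry."""
    findings = []
    for line in readelf_output.splitlines():
        match = ENTRY_RE.search(line)
        if not match:
            continue
        tag, value = match.groups()
        # The tag value is a colon-separated list, checked entry by entry.
        for entry in value.split(":"):
            reason = classify(entry)
            if reason:
                findings.append(("DT_" + tag, entry, reason))
    return findings


if __name__ == "__main__":
    for tag, entry, reason in find_insecure_rpaths(SAMPLE_READELF):
        print(f"{tag} {entry!r}: {reason}")
```

To check a real build, pass the captured output of `readelf -d` on the installed library to `find_insecure_rpaths()`; an empty result means no CWD-dependent entries were found.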

     
