SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I long have liked the SBo method of OUTPUT=${OUTPUT:-/tmp}. I am able to set the OUTPUT environment variable to my local repositories. With the output set to $TMP, I have to modify the build script or manually copy the package to my local repositories. Perhaps I am the only person affected, perhaps not. Seems this would be a straightforward change though without causing commotion?
I long have liked the SBo method of OUTPUT=${OUTPUT:-/tmp}. I am able to set the OUTPUT environment variable to my local repositories. With the output set to $TMP, I have to modify the build script or manually copy the package to my local repositories. Perhaps I am the only person affected, perhaps not. Seems this would be a straightforward change though without causing commotion?
Securitywise it would be a good idea to build the distro under /tmp/slackware if a root-owned /tmp/slackware were automatically created in rc.S like /tmp/.X11-unix is. Or under some other directory other than /tmp which wouldn't be writable to all. The situation now is that there are many binaries with RPATH or RUNPATH in the elf header pointing to a directory under /tmp. For example
A non-root perpetrator can create a directory /tmp/ruby-3.3.1 and plant a malicious library there, containing a modified function which /usr/lib64/ruby/3.3.0/x86_64-linux/enc/iso_8859_1.so wants to load.
If the ruby package had been built in /tmp/slackware/ruby-3.3.1, it would be RPATH=/tmp/slackware/ruby-3.3.1 and the perpetrator could not plant the malicious library there if there were /tmp/slackware with no write access.
Even better would be to use another build directory, not writable for non-root, not placed under /tmp, so it would not depend on a /tmp/slackware place holder directory to exist.
Heh. There's always that possibility. Hell, there's a possibility that 15.0 might be the last 32-bit Slackware.
Well then, if that be the case, anyone running 32bit 15.0 had better hurry up
and get upgraded to 32bit -current before it disappears and there is no 32bit 15.1
BTW, my only bare metal 32bit machine is a circa 1997 P-II that is dropped-back to 14.0
because it is just too slow and has too little RAM to run anything newer.
(tried 15.0 and it just can't handle it, in-fact X crashes right back to the cli with "invalid instruction")
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.