From: Alejandro Colomar <alx@kernel.org>
To: Mike Frysinger <vapier@gentoo.org>
Cc: Siddhesh Poyarekar <siddhesh@gotplt.org>,
linux-man@vger.kernel.org, alx.manpages@gmail.com
Subject: Re: [PATCH] ldd: Do not recommend binutils as the safer option
Date: Mon, 16 Oct 2023 13:22:15 +0200 [thread overview]
Message-ID: <ZS0c5zyYbRLvBe4G@debian> (raw)
In-Reply-To: <ZS0UpvcYc/0RgdkG@vapier>
[-- Attachment #1: Type: text/plain, Size: 1493 bytes --]
On Mon, Oct 16, 2023 at 04:32:02PM +0545, Mike Frysinger wrote:
> On 16 Oct 2023 02:19, Siddhesh Poyarekar wrote:
> > The binutils security policy[1] states that diagnostic tools should not
> > be expected to be safe without sandboxing, so it doesn't make sense to
> > recommend it as the alternative to ldd, especially since it is not a
> > drop-in replacement. Recommend sandboxing instead, since that is in
> > fact the safest known way at the moment to deal with untrusted binaries.
>
> fwiw, this is one reason why i wrote `lddtree` (although the primary reason
> was cross-compiling and separate-root dirs). it's part of the pax-utils
> project that's available in most distros now.
> -mike
Hi Mike,
Is there a manual page for lddtree(1)?
alx@debian:~$ man lddtree
No manual entry for lddtree
alx@debian:~$ apt-file show pax-utils
pax-utils: /usr/bin/dumpelf
pax-utils: /usr/bin/lddtree
pax-utils: /usr/bin/pspax
pax-utils: /usr/bin/scanelf
pax-utils: /usr/bin/scanmacho
pax-utils: /usr/bin/symtree
pax-utils: /usr/share/doc/pax-utils/changelog.Debian.gz
pax-utils: /usr/share/doc/pax-utils/copyright
pax-utils: /usr/share/man/man1/dumpelf.1.gz
pax-utils: /usr/share/man/man1/pspax.1.gz
pax-utils: /usr/share/man/man1/scanelf.1.gz
pax-utils: /usr/share/man/man1/scanmacho.1.gz
Would you mind pointing to some documentation for it? Or write a page
if you feel like. :)
Cheers,
Alex
--
<https://www.alejandro-colomar.es/>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
prev parent reply other threads:[~2023-10-16 11:22 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-16 6:19 [PATCH] ldd: Do not recommend binutils as the safer option Siddhesh Poyarekar
2023-10-16 10:08 ` Alejandro Colomar
2023-10-16 13:28 ` Siddhesh Poyarekar
2023-10-16 13:33 ` Alejandro Colomar
2023-10-16 13:46 ` Siddhesh Poyarekar
2023-10-17 18:19 ` Adhemerval Zanella Netto
2023-10-16 10:47 ` Mike Frysinger
2023-10-16 11:22 ` Alejandro Colomar [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZS0c5zyYbRLvBe4G@debian \
--to=alx@kernel.org \
--cc=alx.manpages@gmail.com \
--cc=linux-man@vger.kernel.org \
--cc=siddhesh@gotplt.org \
--cc=vapier@gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox