Date: Thu, 18 Dec 2014 18:57:55 +0300 From: Alexander Cherepanov <cherepan@...me.ru> To: oss-security@...ts.openwall.com Subject: Re: Running Java across a privilege boundry On 2014-12-18 12:45, Jakub Wilk wrote: > * Tim Brown <tmb@...35.com>, 2014-12-18, 09:18: >> The issue for anyone that was interested was as follows: >> >>> $ objdump -x /usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java | grep RPATH >>> >>> RPATH >>> $ORIGIN/../lib/amd64/jli:bootstrap/jre/lib/amd64/jli: >>> $ORIGIN/../lib/amd64:bootstrap/lib/amd64: >>> $ORIGIN/../jre/lib/amd64:bootstrap/jre/lib/amd64 > > https://bugs.debian.org/754278 Shouldn't this be tracked as a security issue? I don't see it in Debian security tracker. Why didn't you request CVE for it? Just curious. -- Alexander Cherepanov
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.