Permissions for shared libraries in Kerberos
Ken Hornstein
kenh at cmf.nrl.navy.mil
Sat Nov 28 09:43:44 EST 2020
>Expect the same from your downstream Linux distros. Gratuitous tickets rob
>support staff time from more productive work. That costs money. I work with
>this in mind at $JOB. I have the same attitude with my open source
>projects. Gratuitous tickets rob time from more fun programming activities.
Russ already brought up that my original post on this subject made the
point that having the shared libraries be executable is pretty much a
requirement on RPM-based systems, and Debian enforces their policy of
NOT having executable shared libraries in their default packaging scripts.
I'm unaware of what other platforms official stance is on this topic,
but it seems like there's not a unifying standard.
Like I said previously, I have no opinion on WHAT the executable bit
should be for shared libraries. But it seems that the default toolchains
make shared libraries executable by default at creation time and things
like Automake/libtool end up installing shared libraries with the execute
bit set, and somehow the world hasn't been overwhelmed in an avalanche
of support tickets because users are trying to directly execute shared
libraries.
--Ken
More information about the krbdev
mailing list