oss-sec mailing list archives
Re: Running Java across a privilege boundry
From: Alexander Cherepanov <cherepan () mccme ru>
Date: Thu, 18 Dec 2014 18:57:55 +0300
On 2014-12-18 12:45, Jakub Wilk wrote:
* Tim Brown <tmb () 65535 com>, 2014-12-18, 09:18:The issue for anyone that was interested was as follows:$ objdump -x /usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java | grep RPATH RPATH $ORIGIN/../lib/amd64/jli:bootstrap/jre/lib/amd64/jli: $ORIGIN/../lib/amd64:bootstrap/lib/amd64: $ORIGIN/../jre/lib/amd64:bootstrap/jre/lib/amd64https://bugs.debian.org/754278
Shouldn't this be tracked as a security issue? I don't see it in Debian security tracker. Why didn't you request CVE for it? Just curious.
-- Alexander Cherepanov
Current thread:
- Re: Running Java across a privilege boundry, (continued)
- Re: Running Java across a privilege boundry Solar Designer (Nov 23)
- Re: Running Java across a privilege boundry Solar Designer (Nov 25)
- Re: Running Java across a privilege boundry Solar Designer (Dec 08)
- Re: Running Java across a privilege boundry Tim Brown (Dec 18)
- Re: Running Java across a privilege boundry Jakub Wilk (Dec 18)
- Re: Running Java across a privilege boundry Martin Carpenter (Dec 18)
- Re: Running Java across a privilege boundry Jakub Wilk (Dec 18)
- Re: Running Java across a privilege boundry Martin Carpenter (Dec 18)
- Re: Running Java across a privilege boundry Alexander Cherepanov (Dec 18)
- Re: Running Java across a privilege boundry Martin Carpenter (Dec 18)
- Re: Running Java across a privilege boundry Alexander Cherepanov (Dec 18)