[M3devel] runpath/unshipped vs. shipped binaries

[Carson Gaspar]

BTW, I'm glad you're working on this, I just want to make sure we end up
someplace better ;-)

Jay wrote:
> Well, the big polluted runpath is how Modula-3 has always built
> things. The only reason for /tmp/tmprandom is because I build up an
> entire new install from scratch. Otherwise it would be
> /usr/local/cm3/pkg/... or such. If you look at the distributions Olaf
> has put out you can see he does similar. I think the Tinderbox builds
> are the same.

The problem with using /tmp is that _any_ user can throw their own .so's 
in there. Bogus /usr/... paths are still unfortunate, but not a security 
nightmare like /tmp/... paths are.

It may be that re-organizing the build system to behave better is more 
work than you have time for at the moment, and throwing in a $ORIGIN 
RPATH isn't a bad thing even if you don't fix the rest. But please don't 
ship binaries with an RPATH containing /tmp - someone will hurt themselves.

-- 
Carson