Bug 14512 - -z nodelete should be default for shared libraries
Summary: -z nodelete should be default for shared libraries
Status: NEW
Alias: None
Product: binutils
Classification: Unclassified
Component: ld (show other bugs)
Version: unspecified
: P2 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-08-23 12:37 UTC by Rich Felker
Modified: 2023-08-07 10:26 UTC (History)
2 users (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Rich Felker 2012-08-23 12:37:57 UTC 
See glibc bug #14511:

http://sourceware.org/bugzilla/show_bug.cgi?id=14511

If this can't/won't be fixed at the dynamic linker level, it should be fixed in binutils. Relying on every library, which might not even be intended for use with dlopen but might get loaded implicitly as a dependency of a dlopened library, is unsafe and unpractical; it leads to obscure crash bugs that may only arise for certain configurations of the underlying dependencies of a library. Since unloading a library is unsafe by default unless it was explicitly designed to be unloadable, -z nodelete should be the default option and -z delete should be needed to override it and specify that a .so being generated is intended for use as an unloadable plugin.
Comment 1 Sam James 2023-08-07 10:10:15 UTC 
This came up in Qualys' recent OpenSSH writeup: https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt.