libintl: no way to use private message catalogs (resend)

Bruno Haible haible@ilog.fr
Fri Jun 28 11:41:00 GMT 2002


Ulrich Drepper writes:
> Allowing anything but the standard places (or those allowed by a
> call to bindtextdomain) is a security problem.

The security issue is already handled; namely in setuid/setgid
processes the absolute pathnames inside LANGUAGE will be ignored. Do
you see any other security issue?

In a process where libc_enable_secure == false, the user could achieve
the modified behaviour of gettext() by LD_PRELOADing a modified
compiled libc. Therefore you are not weakening security if you admit
the patch in libc.

Bruno
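The check described in this message, sketched as an added example (it is not code from the patch or from glibc): absolute pathnames in a colon-separated LANGUAGE value are dropped when the process runs in secure mode. `filter_language` and the sample value are hypothetical, and `getauxval(AT_SECURE)` stands in for libc's internal `libc_enable_secure`.

```c
#include <stdio.h>
#include <string.h>
#include <sys/auxv.h>   /* getauxval, AT_SECURE (Linux, glibc >= 2.16) */

/* Hypothetical helper: copy the colon-separated LANGUAGE value into out,
   dropping entries that are absolute pathnames when secure is nonzero.
   Returns the number of entries kept, or -1 if out is too small. */
int filter_language(const char *language, int secure, char *out, size_t outlen)
{
    size_t used = 0;
    int kept = 0;

    if (outlen == 0)
        return -1;
    out[0] = '\0';

    while (*language != '\0') {
        size_t len = strcspn(language, ":");
        int absolute = (len > 0 && language[0] == '/');

        if (len > 0 && !(secure && absolute)) {
            size_t need = len + (kept ? 1 : 0);   /* entry plus separator */
            if (used + need + 1 > outlen)         /* +1 for the NUL */
                return -1;
            if (kept)
                out[used++] = ':';
            memcpy(out + used, language, len);
            used += len;
            out[used] = '\0';
            kept++;
        }
        language += len;
        if (*language == ':')
            language++;
    }
    return kept;
}

int main(void)
{
    /* Constructed sample value; the path is not taken from the thread. */
    const char *sample = "/home/user/po/de.mo:de_DE:de";
    char buf[128];
    /* Assumption: AT_SECURE is used here as the userspace view of secure mode. */
    int secure = getauxval(AT_SECURE) != 0;

    filter_language(sample, secure, buf, sizeof buf);
    printf("secure=%d LANGUAGE=%s\n", secure, buf);
    return 0;
}
```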


