Re: pt_chown linking

[Bruno Haible]

Eric Blake wrote:
> > CCLD libgnu.la
> > CC pt_chown.o
> > make[4]: *** No rule to make target `libgnu.a', needed by `pt_chown'. Stop.
> >
> > Looks like the gnulib-tool output is not considering the possibility of
> > libtool mixing with the creation of pt_chown.
> 
> Changing pt_chown to not require libgnu.a in any form would be one 
> solution

That is not the solution. There is a comment in lib/pt_chown.c

/* For security reasons, we try to minimize the dependencies on libraries
   outside libc.  This means, in particular:
     - No use of gettext(), since it's usually implemented in libintl.
     - No use of error() or argp, since they rely on gettext by default.  */

And what you want to do, is to install libgnu.so as a shared library,
and pt_chown that links with it.

I would not do that, for security reasons.

Instead, if your main gnulib-tool invocation is with --libtool,
use gnulib-tool a second time, without --libtool and just just one
module: 'pt_chown'. This way, you can have a setuid executable that
does not link against shared libraries except libc, and it contains
the minimal needed code (basically only pt_chown.c, ptsname.c, and
ttyname_r.c).

Bruno
-- 
In memoriam Eduard Brücklmeier <http://en.wikipedia.org/wiki/Eduard_Brücklmeier>