binutils: Enable --enable-new-dtags

Use DT_RUNPATH over DT_RPATH. If DT_RUNPATH is present, LD_LIBRARY_PATH is searched before DT_RUNPATH, Search order is DT_RPATH then LD_LIBRARY_PATH then DT_RUNPATH, this order ensures that injecting malicious shared objects is way harder with DT_RUNPATH. This is now default on major linux distributions already (From OE-Core rev: 66f8a745668a067d8d763fa2af3e65f26c9c1ebe) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-01-29 21:08:42 +01:00 · 2023-02-22 22:58:16 -08:00
parent 5e172bdbe1
commit ce71bb3d08
1 changed files with 1 additions and 0 deletions
--- a/meta/recipes-devtools/binutils/binutils.inc
+++ b/meta/recipes-devtools/binutils/binutils.inc
@@ -96,6 +96,7 @@ EXTRA_OECONF = "--program-prefix=${TARGET_PREFIX} \
                --disable-werror \
                --enable-deterministic-archives \
                --enable-plugins \
+                --enable-new-dtags \
                --disable-gdb \
                --disable-gdbserver \
                --disable-libdecnumber \