I'm tracking down an inconsistent behavior of my application when
compiled under different distributions. It seems that under Arch the
-Wl,-rpath, linker flag will set an RPATH into the library, while under
Ubuntu 20.04 and 18.04 the same flag results in a RUNPATH being set. So
it seems to me that the linker have different defaults on the two
distributions, maybe set at linker compilation time; is this
reasonable/correct? Also, since RUNPATH seems to be the modern and more
secure way (see e.g. here:
https://wiki.archlinux.org/index.php/Arch_package_guidelines/Security#RPATH/RUNPATH)
I am wondering if there is a specific reason why RPATH is still the
default on Arch and if there are plans to move to RUNPATH.
To further elaborate on this, if I'm correct the trend on Linux is
towards RUNPATH, i.e. giving precedence to library folders specified by
an environment variable (LD_LIBRARY_PATH) over those hard-coded in the
binaries. Then on macOS it seems to be the opposite, namely deprecating
DYLD_LIBRARY_PATH in favor of DYLD_FALLBACK_LIBRARY_PATH to give
precedence to rpath. Both approaches are motivated by the potential
security issues with the other approach, and all seems to depend on
which security hole (a malicious environment variable or write access to
library folders encoded in rpaths) is perceived as more important...
Thanks in advance for any clarification,
Nicola
