[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

' command -p' in Makefile.in


I'm the author of CryFS (https://www.cryfs.org), an open source encrypted cloud file system using scrypt for key derivation. When building CryFS, it first builds the scrypt 1.2.0 source in a subfolder and then links it to the file system code.

A few of our users ran into an issue compiling scrypt with hardening-wrapper enabled. Namely, Makefile.in (line 1314) calls cpusupport.sh using 'command -p'. This command overwrites the user-set $PATH and therefore uses the default compiler at /usr/bin, not the one it should use at /usr/lib/hardening-wrapper/bin.

This overwriting of $PATH seems to be a bug in Bash 4.3 (and below), that's fixed in Bash 4.4 (see https://groups.google.com/forum/#!topic/gnu.bash.bug/s0YnTR72BlQ ). Unfortunately, it's going to be a while until Bash 4.4 is available on all systems.

Can you release an scrypt fix that uses 'command' instead of 'command -p' in Makefile.in? I don't think it's necessary to use 'command -p' here.

Thank you,