On Tue, Mar 20, 2001 at 12:55:22PM +1100, Damien Miller wrote:
> On Mon, 19 Mar 2001, Bill Campbell wrote:
>
> > As a general rule, it's a Bad Idea(tm) to compile security-related programs
> > like this using shared libraries because there's always the possibility
> > that somebody's going to switch libraries on you.
>
> That is just silly - if someone is in a position to play games with you
> system libraries then they can do a lot more damage than that.
That depends on how things are linked and what the OS allows for
overriding the shared library search paths...in some cases, you could
probably do
export LD_LIBRARY_PATH=/my/library/dir:$LD_LIBRARY_PATH
to get the searching to find your own libs first.
--
Scott Blachowicz
