> But: is it really OK for shared libraries to reference global
> variables like this, assuming the globals are provided by the `main
> program'?  That seems like a pretty gross thing to do. libntp does
> this, it breaks naive use of libntp (libntp requires, and uses,
> app-namespace variables `debug' and `progname'?), and we don't even
> have a manpage for it.
> 
> I guess I agree with Michael, that some libraries (libwrap, libntp)
> ares installed assuming they're for the use of only one application.
> Seems like less-than-splendid engineering to me.

I agree that this is gross and disgusting.  ("less-than-splendid" only
if you want to be nice about it.  8-)

However, it's what the library developers decided to do.  Faced with
that situation, we either (1) do what they did (broken though it is),
or (2) do something New and Different.

In the case of libwrap, (2) has potential security implications,
because the variables that libwrap wants to program to have defined
really should be defined under application control, and defaulting
them may not be a good idea from a security (logging, at least)
standpoint.

i know nothing about what libntp does.



cgd