On Thu, Sep 19, 2002 at 02:42:16AM +0900, Bang Jun-Young wrote:
> On Wed, Sep 18, 2002 at 05:32:07PM +1000, Malcolm Herbert wrote:
> > Is there a way to change the library load order _without_ using
> > LD_PRELOAD? I'm after something a little more universal than whether
> > the environment has a particular variable in it ... and I don't want to
> > modify LD_PRELOAD for each and every new library I happen to build ...
> > 
> > I came across this issue due to the Apache+SSL+Linux worm going around
> > at the moment ...
> > 
> > basically I've made sure that my libssl.so is up-to-date from the
> > pkgsrc tree to appease my local Security Officer, however he kept on
> > bugging me about it until we both worked out that apache is loading
> > /usr/lib/libssl.so (which is at 0.9.5a on my 1.5.2 system) and not my
> > newly up-to-date one in /usr/pkg/lib/libssl.so ...
> > 
> > I'm not too fussed about the worm, but it does strike me as a good
> > idea that I make sure ld.so (or ld.elf_so) is loading libraries in
> > /usr/pkg/lib in preference to the (potentially old and insecure)
> > libraries in /usr/lib
> > 
> > How do I go about this? man ld.so.conf seems to indicate that I can just
> > add appropriate paths to /etc/ld.so.conf, but that doesn't seem to have
> > done anything ...
> 
> Probably this will help:
> 
> $ LD_LIBRARY_PATH=/usr/lib:/usr/pkg/lib httpd

Euch. should be:

$ LD_LIBRARY_PATH=/usr/pkg/lib:/usr/lib httpd

Jun-Young

-- 
Bang Jun-Young <junyoung@mogua.com>