[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Memory usage on relays



Binaries are staticly linked so that someone can't substitute a replacement library. Otherwise you can replace the library or set LDPRELOAD to implement a variety of attacks.

On Jan 18, 2010, at 2:28 PM, Nick Mathewson <nickm@xxxxxxxxxxxxxx> wrote:

On Sun, Jan 17, 2010 at 11:29 PM, John Brooks <special@xxxxxxxxxxxxxxxx > wrote:
[...]
As a vaguely related sidenote, is it intentional that openssl is
statically linked? I would expect that Tor more than anything would
want to benefit from security updates as quickly as possible, and most
package managers / people won't rebuild it after an openssl update.
Seems a bit dangerous. I was able to confirm that I was running with
the right version, though, by adding the following right under Tor's
version notice:

Tor links against openssl dynamically for me, at least.  Let us know
if there's some more magic we need to do in src/or/Makefile.am to make
it dynamically linke for others.

I'm not sure openssl builds shared libraries by default, though: could
that be the problem.

--
Nick
*** ********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/