On Tue, Nov 07, 2000, Mixmaster wrote:
> > shl_load() also needs to load along a path given through an
> > environment variable, SHLIB_PATH. This change makes that possible.
>
> Loading shared libs from SHLIB_PATH or LD_LIBRARY_PATH is a huge security
> hole. No security conscious program uses them
Good catch. We obviously can't do that in OpenSSL. Would it work to have
the Configure script figure out the correct path at compile time?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
