> Now my company is (T) and we don't want to leak (V)'s session key. > You may assume that our binary is protected state of the art agains debugger > attacks and stuff. > So the only question is if the shared openssl library makes the tool more > vulnerable?
You cannot prevent someone from changing what the software that runs on their computer. You can only make it harder. Shared libraries are easier for a user to replace; static libraries are harder. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
