Hi,
I've got some questions on the shared build of openssl.
Is it safe to use the shared libraries libssl.so and libcrypto.so?
Couldn't the shared libs be replaced by manipulated ones that intercept
my calls and steal the passwords?
I was wondering why every linux distrubutions comes with these
n hook into the keyboard, replace your
application, etc. If they have root access, you've already lost.
OTOH, static link means that your application won't automatically get
security updates.
On 6/20/2016 11:05 AM, Mirko Fit wrote:
I've got some questions on the shared build of openssl.
Is it safe
is if the shared openssl library makes the tool
more vulnerable?
Thanks in advance,
Mirko
Am 20.06.2016 um 18:04 schrieb Michael Wojcik:
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
Of Mirko Fit
Sent: Monday, June 20, 2016 09:36
To: openssl-users@openssl.org
Subject: Re