On Fri, 2008-10-31 at 04:48 -0500, Rob Landley wrote: > > I don't know what happens if you run gnu ldd on a program that does an > rm -rf / when run with no arguments, and I'm not sure I _want_ to know. > Readelf gives you all the data you actually _need_; ldd merely formats the > output more conveniently. There's no need to run the binary, and lots of > reasons not to. > > Rob
I'm pretty sure everyone would agree with you--even glibc :) Just to make sure this myth is not spread further, glibc ldd does not "run" the program--it sets 2 environment variables that tell the dynamic loader (ld-linux..) to simply resolve all dynamic symbols immediately, trace the loaded objects, and then list them..all without ever executing the application. See ld-linux man page, ref: LD_BIND_NOW, LD_TRACE_LOADED_OBJECTS. You can easily confirm by running ldd on any program that would perform a visible/recognizable action--then you can see that the action is not performed. Or, if you are still paranoid, create your own binary, use your favorite tracing/debug method, see if you can get a "hit" on main() execution..I think you'll be happy to see your program is never run.. - Phil _______________________________________________ uClibc mailing list [email protected] http://busybox.net/cgi-bin/mailman/listinfo/uclibc
