Memory usage on relays

Nn6eumtr nn6eumtr at gmail.com
Tue Jan 19 01:02:48 UTC 2010


Binaries are staticly linked so that someone can't substitute a  
replacement library. Otherwise you can replace the library or set  
LDPRELOAD to implement a variety of attacks.

On Jan 18, 2010, at 2:28 PM, Nick Mathewson <nickm at torproject.org>  
wrote:

> On Sun, Jan 17, 2010 at 11:29 PM, John Brooks <special at dereferenced.net 
> > wrote:
> [...]
>> As a vaguely related sidenote, is it intentional that openssl is
>> statically linked? I would expect that Tor more than anything would
>> want to benefit from security updates as quickly as possible, and  
>> most
>> package managers / people won't rebuild it after an openssl update.
>> Seems a bit dangerous. I was able to confirm that I was running with
>> the right version, though, by adding the following right under Tor's
>> version notice:
>
> Tor links against openssl dynamically for me, at least.  Let us know
> if there's some more magic we need to do in src/or/Makefile.am to make
> it dynamically linke for others.
>
> I'm not sure openssl builds shared libraries by default, though: could
> that be the problem.
>
> -- 
> Nick
> *** 
> ********************************************************************
> To unsubscribe, send an e-mail to majordomo at torproject.org with
> unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/



More information about the tor-talk mailing list