libparanoia

libparanoia

Post by Michae » Tue, 02 Jul 2002 13:00:33



As I understand it, libparanoia will protect any programs which use libc, thus making it less likely to have the TCP/IP stack over-run. So, I decided this is a good thing and installed it.

The pkg-descr file says to relink applications which use libc with
-lparanoia -L/usr/local/lib to utilize libparanoia, so I did:

ldconfig -m /usr/local/lib   ( where libparanoia.so lives )

then did:

ldd /usr/X11/bin/wmaker

yet libparanoia isnt in the list of shared libraries. I even tried:

ld -L/usr/local/lib -lparanoia  but this gave me a list of errors.

Anyone using libparanoia that can point me in the right direction?

michael

 
 
 

libparanoia

Post by Igor Sobrad » Tue, 02 Jul 2002 22:18:54



> then did:
> ldd /usr/X11/bin/wmaker
> yet libparanoia isnt in the list of shared libraries. I even tried:
> ld -L/usr/local/lib -lparanoia  but this gave me a list of errors.

Sorry, I am not using libparanoia.  But I believe that I can help
you.  The safest way to change information about dynamically loaded
libraries is (re)building the package from source.  I do not know
that library, but if it works as I expect it is a wrapper for some
standard library functions that can be dangerous when used without
checking the arguments they will accept.

In fact, it seems to me that you must build those programs from
source code modifying LDFLAGS in the right way.  In other words,
you must build new binaries that will call the wrappers (or the
fully-functional replacement functions) provided in the paranoia
library before calling anything in the standard C library.

I am not sure about changing this information on-the-fly, perhaps
you can try something like the LD_PRELOAD environment variable in
Solaris, or the _RLD_* environment variables in IRIX, or... but
even if it is possible it will be safer to rebuild the binaries
from source code.

One of the better advantages that I see in operating systems like
Solaris, IRIX, HP-UX and (of course!) the *BSDs is that the library
function prototypes do not change a lot from a release to the next
one.  It is a real nightmare in Linux where, at least, two different
implementations are available.  (Sometimes even upgrading glibc is a
real problem in Linux.)  If you want to try libparanoia, ok, use it.
But I recommend you to build all that software from source code.

Take care!
Igor.

--