Greetings Everyone,
I recent download and compiled a new version openssl-1.0.2h.tar than what
came with RedHat distribution.
successfully compile and test. Using the following options
export CFLAGS="-fPIC"
./config shared enable-ec_nistp_64_gcc_128 no-ssl2 no-ssl3
--openssldir=/usr/local/o
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Mirko Fit
> Sent: Monday, June 20, 2016 09:36
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] openssl shared libs
>
> I meant the easy way of replacing a shared lib (no need to be root):
> > LD_LIBRARY_
I meant the easy way of replacing a shared lib (no need to be root):
> LD_LIBRARY_PATH=/path/to/modified/shared/lib:$LD_LIBRARY_PATH
> my_tool
Am 20.06.2016 um 17:25 schrieb Ken Goldman:
Just one opinion: If your attacker can replace the libraries, they
have root access. They can hook into the
Just one opinion: If your attacker can replace the libraries, they have
root access. They can hook into the keyboard, replace your application,
etc. If they have root access, you've already lost.
OTOH, static link means that your application won't automatically get
security updates.
On 6/
Hi,
I've got some questions on the shared build of openssl.
Is it safe to use the shared libraries libssl.so and libcrypto.so?
Couldn't the shared libs be replaced by manipulated ones that intercept
my calls and steal the passwords?
I was wondering why every linux distrubutions comes with these
On 17/06/2016 17:54, fterm wrote:
Hi,
i've got a question for my study stuff: I have to decrypt a file using C. I
have a corrupt key corrupt-src-key.bin (an initial vector is at the end of
the file - dont know if i should usw them - maybe dont have to). decrypted
file is *.pdf and it was encrypte
