Gary Gendel wrote:
Christian,
The -ldl means that you wish to load the library that is used to dynamically load shared libraries. If you really needed to do this then this brings up a small issue.
It is usually NOT a good idea to have openssl as a shareable library. This opens up a serious vulnerability. Take this scenario...
A person manages to gain root privedges. He replaces the openssl shareable library with a hacked version (say with a backdoor). In doing so, he's circumvented every program that uses openssl for security and gained full access via lots of entry points (web services, ssh services, etc.).
Well, if someone can gain root privileges you have a much bigger issue than him just replacing the openssl library (for example, him replacing the dovecot binaries). Objection overruled!
-- Magnus Holmgren holmgren@lysator.liu.se