I know that libfreebl3.so and libsoftokn3.so have been blacklisted for prelinking for quite some time now (it's there in F8, and I think earlier) but now that libcrypt is linked against libfreebl3.so, it seems an increasing number of other libraries / plugins / programs are now excluded due to the dependency on libfreebl3.so.
Is there any way to avoid this? As time goes on, more and more programs and plugins (like the kde address book / calendar) are relying on encryption and / or signing, and starting to link against nss.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Bill Crawford wrote:
Is there any way to avoid this? As time goes on, more and more programs and plugins (like the kde address book / calendar) are relying on encryption and / or signing, and starting to link against nss.
IMO this policy to prevent prelinking should be optional. I certainly don't need the self-testing of NSS on my system . I trust prelink and if someone can change the NSS libs, s/he can do much worse things, too.
I think the self-testing in NSS should be done only in FIPS mode.
- -- ➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖