|
Modern day implementations of ld.so(8) examine the LD_PRELOAD environmental variable Whitespace-separated list of additional shared libraries to load before all others If a function appears in both the LD_PRELOAD library and glibc, LD_PRELOAD wins The original function can be referenced using dlopen(3), or syscall(2) By hijacking a function or system call, it's behavior can be alteredMethod I: LD_PRELOAD