Installing mod_security, the instructions direct us to add:
LoadFile /usr/lib/libxml2.so
LoadFile /usr/lib/liblua5.1.so
to httpd.conf.
I'm wondering why they might prefer LoadFile to linking with rpath / LD_RUN_PATH /etc.
Asked
Active
Viewed 1,273 times
2
1 Answers
3
Using LoadFile vs linking directly is the Apache recommended best practice. Really, it boils down to two issues:
1) Conflicts with other modules may cause strange and hard to diagnose side effects and make the order of LoadModule directives important.
2) Library versioning may cause two modules to load two different versions which may lead to overloading the symbol table and cause some serious loss of hair trying to diagnose the issue when there are crashes.
Really, PCRE should also be in there, but Apache loads this internally, which more often is the cause for a crash. Look through the mail list archives for the modsecurity user list and you will see a number of crashes due to mismatched PCRE libs. Using LoadFile would have solved those problems, but instead the admins must recompile Apache with an external PCRE lib.
b1v1r
- 46
- 1
-
Can we put the LoadFile in start of the conf file or it's position depented? – Aryaman Gupta May 18 '21 at 16:22