Review Request for 9000142: PlatformPCSC.java loading unversioned native shared library
Florian Weimer
fweimer at redhat.com
Thu Apr 25 09:37:25 UTC 2013
On 04/25/2013 12:11 AM, Valerie (Yu-Ching) Peng wrote:
> Won't this change break systems which don't have libpcsclite.so.1?
By linking against libpcsclite.so.1 at the ELF level? Yes.
But the dependency is already there, it is just not expressed
explicitly, so it will not be discovered by tools which extract the
NEEDED ELF attribute.
> Changes like this need to be thought through. What happens when
> libpcsclite.so.2 comes out?
The current version might continue to work correctly. Or might result
in random crashes. Probably the latter, considering the soname bump.
> As for API changes, shouldn't there be some compatibility requirement on
> APIs as libpcsclite.so evolves?
The convention is that the soname bump implies that the ABI has changed
in a backwards-incompatible way.
If libj2pcsc linked directly against libpcslite, we'd lose the
availability to switch to libpcscspy instead. But the latter is part of
the development package only, and I don't know how useful it is for
production use.
(All this is about GNU/Linux. Windows is clearly different, not sure
about the other POSIX platforms.)
--
Florian Weimer / Red Hat Product Security Team
More information about the security-dev
mailing list