LD_PRELOAD: The Hero We Need and Deserve

Sunday, February 17, 2019 · 4 min read

I’m a huge, HUGE, fan of LD_PRELOAD let me tell you… oh wait it’s my blog so I’m going to. Where do I begin…

About three years ago, I wrote a blog post about the 10 LDFLAGS I love. After writing the post, I realized I should have made the number odd because I think that is part of BuzzFeed’s “click algorithm.” But more seriously, I realized just how many people on the internet you can upset when you don’t include LD_PRELOAD in your favorite LDFLAGS post. I am going to take the time right now to make one thing very clear, VERY CLEAR, listen closely: LD_PRELOAD IS NOT A FLAG. It is an environment variable. Wake up sheeple! Phew!

Now that’s out of the way, we can continue… I love LD_PRELOAD. I love it so much I am devoting this entire blog post to professing my undying love for it. So here we go…


For those who don’t know what LD_PRELOAD is: TODAY IS YOUR LUCKY DAY! LD_PRELOAD allows you to override symbols in any library by specifying your new function in a shared object.

When you run LD_PRELOAD=/path/to/my/free.so /bin/mybinary, /path/to/my/free.so is loaded before any other library, including libc. When mybinary is executed, it uses your custom function for free. PRETTY FREAKING AWESOME RIGHT!


FEEL THE POWER! Okay, so moving on…

Fun Times on the Internet

One night, I’m just hanging around in my apartment, laying on my couch, and I think “oh I’m going to ask the Internet what they’ve done with LD_PRELOAD.” This is how most of my tweets start for what it’s worth. So I asked…

This tweet blew up in THE BEST WAY! I got some really cool responses I will highlight below.

This isn’t all of them but isn’t the internet utterly awesome! You can poke through the thread more and find ones you love as well. But let’s move on to some mad science…


No, not the Incubus album… but my science experiment that I did with LD_PRELOAD. My friends, Greg (@grepory), Aditya (@chimeracoder), and I came up with this absolutely insane idea for “kernelless”. Yeah, it’s a joke making fun of all the other “-less”s. But ours was special, m’kay. Greg even made a dope website for it, kernelless.cloud.

So the way we were going to implement this in a mad science way would be as “Cloud Native Syscalls.” Let me tell you about the “Cloud Native Syscalls”…

Cloud Native Syscalls

The first part of the “Cloud Native Syscalls” architecture consists of a daemon on a cloud VM which has a network endpoint accepting incoming syscalls and their arguments. The daemon then performs these syscalls, almost in a code execution as a service type way.

To use “Cloud Native Syscalls”, you compile your binary with the library as follows: LD_PRELOAD=/path/to/my/cloudnativesyscalls.so /bin/ls. This ensures that all your syscalls when you run ls on your host are actually performed in the cloud and sent to the daemon described above.


F’king nuts right… I know. We are working on our A-round don’t worry. It’s truly revolutionary.

Anyways, that was our little science experiment. Hope you liked it, or at least enjoyed all the other people’s fun hacks. :) Keep LD_PRELOADing.