On Thu, 3 Mar 2011, Hans Åberg wrote:
> So guile-2.0.0 using libltdl.7.dylib of libtool-2.4, can on Mac OS X 
> 10.6.6 only open a dynamic library if the name of what it actually 
> opens ends in .so (say by making a soft link using 'ln -s'); if it 
> ends in .dylib, it cannot open it, even if the full name is given.
>
> See
>  http://lists.gnu.org/archive/html/bug-guile/2011-03/msg00008.html
>  http://lists.gnu.org/archive/html/guile-devel/2011-03/msg00021.html

Are you sure that libltdl from libtool-2.4 is being used?  The dtruss 
trace (from Michael Ellis) at 
http://lists.gnu.org/archive/html/bug-guile/2011-03/msg00020.html 
shows insecure accesses more like I would expect from a libtool 
version suffering from CVE-2009-3736, which is very dangerous under OS 
X.  See

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736

The recommended portable way to load modules is via a libtool module 
.la file.  It is also recommended to load modules via a full path 
rather than via a search path because the search path might not be as 
secure and predicable as you might like.

Bob
-- 
Bob Friesenhahn
bfriesen@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,    http://www.GraphicsMagick.org/