[$] Identifying dependencies used via dlopen()
The recent XZ backdoor has sparked a lot of discussion about how the open-sourcecommunity links and packages software. One possiblesecurity improvement being discussedis changing howprojects like systemd link to dynamic libraries that are only used foroptional functionality: usingdlopen() to load those libraries onlywhen required. This couldshrink the attack surface exposed by dependencies, but the approach is notwithout downsides - most prominently, it makes discovering which dynamiclibraries a program depends on harder.On April 11, Lennart Poettering proposed one way to eliminate that problemin a systemd RFC on GitHub.