If you use Linux and you program, you've probably used the ldd command to track down a dependency or two. If you use it with any frequency, you definitely need to read this article. Peteris Krumins explains that ldd is not an innocuous little utility, devoid of malicious possibilities. From the blog entry:
For example, you can put a malicious executable in ~/app/bin/exec and have it loaded by ~/app/lib/loader.so. If someone does `ldd /home/you/app/bin/exec` then it’s game over for them. They just ran the nasty code you had put in your executable. You can do some social engineering to get the sysadmin to execute `ldd` on your executable, allowing you to gain control over the box.
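
An added illustration, not part of the quoted blog entry or of this post: the loader a dynamic executable asks for is recorded in its ELF `PT_INTERP` program header, so it can be read from the file without running anything. The Python below parses that header and flags a loader outside the usual system directories; `SYSTEM_LOADER_DIRS`, the function names and the sample ELF bytes are assumptions constructed for this example.

```python
import posixpath
import struct

PT_INTERP = 3  # program-header type that names the requested loader
# Assumption: directories where this host's distro installs its loader.
SYSTEM_LOADER_DIRS = ("/lib/", "/lib64/", "/usr/lib/", "/usr/lib64/")

def elf_interpreter(data: bytes):
    """Return the PT_INTERP path from an ELF image without executing it."""
    if len(data) < 6 or data[:4] != b"\x7fELF" or data[4] not in (1, 2) \
            or data[5] not in (1, 2):
        raise ValueError("not a well-formed ELF header")
    is64 = data[4] == 2                       # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"        # EI_DATA: 1 = little-endian
    word = end + ("Q" if is64 else "I")       # width of offset/size fields
    phoff_at, phent_at = (0x20, 0x36) if is64 else (0x1C, 0x2A)
    off_at, filesz_at = (8, 32) if is64 else (4, 16)
    (e_phoff,) = struct.unpack_from(word, data, phoff_at)
    e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, phent_at)
    for i in range(e_phnum):
        ph = e_phoff + i * e_phentsize
        (p_type,) = struct.unpack_from(end + "I", data, ph)
        if p_type == PT_INTERP:
            (p_offset,) = struct.unpack_from(word, data, ph + off_at)
            (p_filesz,) = struct.unpack_from(word, data, ph + filesz_at)
            raw = data[p_offset:p_offset + p_filesz]
            return raw.split(b"\0")[0].decode("utf-8", "replace")
    return None  # statically linked: no loader is requested

def loader_is_trusted(data: bytes) -> bool:
    """False when the requested loader resolves outside SYSTEM_LOADER_DIRS."""
    interp = elf_interpreter(data)
    if interp is None:
        return True
    return posixpath.normpath(interp).startswith(SYSTEM_LOADER_DIRS)

def sample_elf(interp: bytes) -> bytes:
    """Constructed input: minimal ELF64 LE header plus one PT_INTERP entry."""
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", b"\x7fELF\x02\x01\x01",
                       2, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_INTERP, 4, 120, 0, 0,
                       len(interp) + 1, len(interp) + 1, 1)
    return ehdr + phdr + interp + b"\0"

if __name__ == "__main__":
    for path in (b"/lib64/ld-linux-x86-64.so.2", b"/home/you/app/lib/loader.so"):
        img = sample_elf(path)
        print(elf_interpreter(img), "trusted" if loader_is_trusted(img) else "SUSPICIOUS")
```

`readelf -l` and `objdump -p` show the same header fields from the command line, also without running the file. A loader in a system directory says nothing about whether the binary itself is benign; the check only covers the loader it requests.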