LD_PRELOAD is probably one of the most amusing feature of Linux operating systems. It is the starting piece of dynamic instrumentation, reverse engineering madness and every fun userland rootkits. The problem is it is fairly easy to detect, spoiling the fun for everyone. This article is just a schizophrenic discussion on trying to detect LD_PRELOAD and implementing anti-detection countermeasures.
more here.........http://haxelion.eu/article/LD_NOT_PRELOADED_FOR_REAL/
more here.........http://haxelion.eu/article/LD_NOT_PRELOADED_FOR_REAL/