[Mcrypt-developers] PHP + MCrypt security

[S. A. M. L. <sa...@sa...>]

Hello,

    I have a quick question.  Could a malicious user tamper with the =
mcrypt source to have keys sent to the mcrypt commands logged somehow?  =
This way the user could thereafter use the collected keys to decrypt the =
natively encrypted data?

Thanks.
Alex