Rosyna points out this issue with OSX’s prebinding at unsanity.org:
Prebinding could be a security risk. Not in of itself, but indirectly. You cannot use the checksum of an executable to determine if it has been modified by another or not on OS X. Incidental, yes. Not very important, indeed. But it is one wall that is not there.
MD5 (/bin/mv) = efeb7727e40c597fa33953e551c9979d
Looks fine, no? Well, let us redo the prebinding:
sudo redo_prebinding /bin/mv
MD5 (/bin/mv) = fe7369c88c3a9220ad803ba3e56bbe06
The checksum has changed. While I am sure that there are better ways to get a checksum none are the answer. And AFAIK, dyld doesn’t store the executable’s actual checksum anywehere.