[ROS] The perils of security tools
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Wed May 14 01:41:06 EDT 2008
Ben Laurie <ben at links.org> writes:
>I must confess that I said that because I did not have the energy to figure
>out the other routes to adding entropy, such as adding an int (e.g. a PID,
>which I'm told still makes it in there).
So just to clarify, does the Debian patch only remove the ability to add
uninitialised memory (which will be all-zeroes anyway on an OS with proper
resource controls) or does it remove the ability to add any entropy at all?
The advisory makes it sound like it's the latter.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list