Message 3368 - Python tracker

Author	loewis
Recipients
Date	2001-10-11.19:34:52
SpamBayes Score
Marked as misclassified
Message-id
In-reply-to

Content
Logged In: YES user_id=21627 On PRNG problems, it seems we have two options: - wait for, then require OpenSSL 0.9.7. It will look for a prngd socket in default locations (/var/run/egd-pool, /dev/egd-pool, /etc/egd-pool and /etc/entropy); then require administrators to set up OpenSSL that it indeed finds a prngd in these locations when needed. - expose RAND_add. Exposing any other of the interfaces is pointless; on our installation, prngd runs on localhost:708 instead of a Unix domain socket, and none of the other interfaces could use such a configuration. On top of RAND_add, we could communicate with prngd ourselves, e.g. by using the RANDFILE environment variable.

Logged In: YES 
user_id=21627

On PRNG problems, it seems we have two options:
- wait for, then require OpenSSL 0.9.7. It will look for a
prngd socket in default locations (/var/run/egd-pool,
/dev/egd-pool, /etc/egd-pool and /etc/entropy); then require
administrators to set up OpenSSL that it indeed finds a
prngd in these locations when needed.
- expose RAND_add. Exposing any other of the interfaces is
pointless; on our installation, prngd runs on localhost:708
instead of a Unix domain socket, and none of the other
interfaces could use such a configuration. On top of
RAND_add, we could communicate with prngd ourselves, e.g. by
using the RANDFILE environment variable.

History
Date	User	Action	Args
2007-08-23 13:53:09	admin	link	issue232460 messages
2007-08-23 13:53:09	admin	create