[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: libbsd package



* Thorsten Glaser:

> Any progress on the libbsd package, now that licence issues are out
> of the way? IIRC, plans were to get it ready for all arches in lenny?

We need a thread-safe version of something like arc4random as an element
for various security patches (which will target etch).  Shall we
back-port libbsd as a whole, or should we just spin a separate library
package?

I'd also see a change that limits the number of bytes which is read from
/dev/urandom (32 or fewer should be enough).  I'm concerned about
looping shell scripts darinign entropy from the pool at an unacceptably
high rate.


Reply to: