Re: Crypto consolidation in debian ?
Steve Langasek writes ("Re: Crypto consolidation in debian ?"):
> Changing the uid of the calling application is *not* an acceptable side
> effect for a library and I can't imagine how anyone could believe that it
> is. Unfortunately that seems to leave nss_ldap caught between an SSL
> implementation with a perverse license, and an SSL implementation whose
> upstream has perverse ideas about library handling of process state.
This is free software, right ? We could simply fix our gcrypt.
To avoid accidentally introducing security problems, we could have our
gcrypt read a global variable set by calling programs or libraries, or
something.
Ian.
Reply to: