Re: Crypto consolidation in debian ?

To: debian-devel@lists.debian.org
Subject: Re: Crypto consolidation in debian ?
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Thu, 19 May 2011 13:18:51 +0100
Message-id: <[🔎] 19925.2731.458099.135810@chiark.greenend.org.uk>
In-reply-to: <[🔎] 20110501012328.GB22825@virgil.dodds.net>
References: <BANLkTinOV0W=O1tQM1jk2GzhvGPXn3k_pA@mail.gmail.com> <87liywlikq.fsf@windlord.stanford.edu> <BANLkTimkr59-OymRN=FHV8+E6gH=ic2DBw@mail.gmail.com> <87vcxz8xo2.fsf@windlord.stanford.edu> <20110427164643.GJ13524@codelibre.net> <87vcxy34kj.fsf@latte.josefsson.org> <[🔎] 20110501012328.GB22825@virgil.dodds.net>

Steve Langasek writes ("Re: Crypto consolidation in debian ?"):
> Changing the uid of the calling application is *not* an acceptable side
> effect for a library and I can't imagine how anyone could believe that it
> is.  Unfortunately that seems to leave nss_ldap caught between an SSL
> implementation with a perverse license, and an SSL implementation whose
> upstream has perverse ideas about library handling of process state.

This is free software, right ?  We could simply fix our gcrypt.

To avoid accidentally introducing security problems, we could have our
gcrypt read a global variable set by calling programs or libraries, or
something.

Ian.

Reply to:

References:
- Re: Crypto consolidation in debian ?
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Re: Anyone looking at darcs?
Next by Date: Re: Anyone looking at darcs?
Previous by thread: Re: Crypto consolidation in debian ?
Next by thread: Re: Crypto consolidation in debian ?
Index(es):
- Date
- Thread