[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: K1 images - final report?

   And ? It's  a temporary solution that allow user to  use an ssh client
   and/or server, which  is very usefull. You just have  to add a debconf
   warning saying that the entropy  source is unsafe, and asking the user
   to pay attention. We don't need more for now, since anyway no Hurd box
   will be used in a critical environement in a near future.

It is a temporary solution, but it is also the wrong solution.  It is
just as unsafe as copying libc.so to /dev/urandom.  A false sense of
security is worse than no security.  If a user needs urandom that
badly, they can install it on their own.

Reply to: