Re: K1 images - final report?

To: "Alfred M. Szmidt" <ams@kemisten.nu>
Cc: sergipop@mx3.redestb.es, debian-hurd@lists.debian.org
Subject: Re: K1 images - final report?
From: kilobug@freesurf.fr (Gaël Le Mignot)
Date: Mon, 16 Dec 2002 16:49:38 +0100
Message-id: <[🔎] plopm3lm2qc6b1.fsf@drizzt.dyndns.org>
In-reply-to: <[🔎] E18NwLs-0003fU-00@lgh163a.kemisten.nu> ("Alfred M. Szmidt"'s message of "Mon, 16 Dec 2002 15:36:12 +0100")
References: <[🔎] Pine.LNX.4.44.0212160010130.7859-100000@stephen.copyleft.co.nz> <[🔎] 20021215202705.GB1097@aragorn> <[🔎] 20021215221126.A3963@l2.ponznet.net> <[🔎] E18NirN-0003Ib-00@lgh163a.kemisten.nu> <[🔎] plopm33coye2ld.fsf@drizzt.dyndns.org> <[🔎] E18NwLs-0003fU-00@lgh163a.kemisten.nu>

Alfred a écrit : 

 >    And ? It's  a temporary solution that allow user to  use an ssh client
 >    and/or server, which  is very usefull. You just have  to add a debconf
 >    warning saying that the entropy  source is unsafe, and asking the user
 >    to pay attention. We don't need more for now, since anyway no Hurd box
 >    will be used in a critical environement in a near future.

 > It is a temporary solution, but it is also the wrong solution.  It is
 > just as unsafe as copying libc.so to /dev/urandom.  A false sense of
 > security is worse than no security.  If a user needs urandom that
 > badly, they can install it on their own.

This prevents  ssh & such  to work with  a simple apt-get,  and that's
wrong.  If we cannot have strong  security, than we tell it, but we do
not suppress  mostly-working programs just because of  that. Anyway, a
bad entropy generator  isn't the main concern before  using a GNU/Hurd
box for something "real".

-- 
Gael Le Mignot "Kilobug" - kilobug@nerim.net - http://kilobug.free.fr
GSM         : 06.71.47.18.22 (in France)   ICQ UIN   : 7299959
Fingerprint : 1F2C 9804 7505 79DF 95E6 7323 B66B F67B 7103 C5DA

Member of HurdFr: http://hurdfr.org - The GNU Hurd: http://hurd.gnu.org

Reply to:

Follow-Ups:
- Re: K1 images - final report?
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>

References:
- K1 images - final report?
  - From: Philip Charles <philipc@copyleft.co.nz>
- Re: K1 images - final report?
  - From: Robert Millan <zeratul2@wanadoo.es>
- Re: K1 images - final report?
  - From: pancake <sergipop@mx3.redestb.es>
- Re: K1 images - final report?
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>
- Re: K1 images - final report?
  - From: kilobug@freesurf.fr (Gaël Le Mignot)
- Re: K1 images - final report?
  - From: "Alfred M. Szmidt" <ams@kemisten.nu>

Prev by Date: Re: K1 images - final report?
Next by Date: Re: Induced crashes
Previous by thread: Re: K1 images - final report?
Next by thread: Re: K1 images - final report?
Index(es):
- Date
- Thread