/dev/random vs. /dev/urandom and the krb5 test suite
Simo Sorce
ssorce at redhat.com
Thu Jun 18 15:03:08 EDT 2009
On Thu, 2009-06-18 at 14:45 -0400, Sam Hartman wrote:
> >>>>> "Simo" == Simo Sorce <ssorce at redhat.com> writes:
> Simo> Wouldn't it make more sense to have an environment variable
> Simo> used only during tests ?
>
> I'm much more comfortable with the implications of introducing a
> config file options than environment variables. Environment variables
> tend to get set by things like telnet, ssh, etc and have a checkered
> security history.
Sorry I thought this applied only to krb5kdc/kadmind, not to
libraries/user tools.
Your concerns make sense to me, although, if you environment is poisoned
I think you have more pressing problems to care about :)
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the krbdev
mailing list