[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "random" number seeds vs. Netscape



Philip L. Karlton said:
> 
> I agree, but I have a hard arguing with those that asser that the security
> of UNIX is weak enough that given what we are doing for the patch it will
> be easier to become root from a logged in account than to hack the seed.
> 
Why would you have to argue with them?  When they say that's it's easier to 
become root from a logged in account tell them, "Good, that's just as it 
should be!"  It's a feature, not a problem!

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  [email protected]        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/