Re: Tempfile vulnerabilities

From: Ian Turner (vectroat_private)
Date: Mon Feb 07 2000 - 14:09:38 PST

Next message: Steven Champeon: "cookies - nothing new"

Previous message: Bill Thompson: "Re: recent 'cross site scripting' CERT advisory"
Next in thread: Seth David Schoen: "Re: Tempfile vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Can be so easy to DoS cryptographic software?

Yes. If you don't trust your users to not deplete the entropy, then don't
give them permission to read it.

Ian Turner
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE4n0Knfn9ub9ZE1xoRArR6AJ9uE8C4oHKQ71PVzZSp7yz2valw4ACghKde
/Yru8+uLeM0gSi3bBRWz1kQ=
=CXya
-----END PGP SIGNATURE-----

Next message: Steven Champeon: "cookies - nothing new"
Previous message: Bill Thompson: "Re: recent 'cross site scripting' CERT advisory"
Next in thread: Seth David Schoen: "Re: Tempfile vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:33:45 PDT