[13743] in bugtraq
Re: Tempfile vulnerabilities
daemon@ATHENA.MIT.EDU (Ian Turner)
Tue Feb 8 01:54:55 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.10002071409080.10841-100000@crafter.house>
Date: Mon, 7 Feb 2000 14:09:38 -0800
Reply-To: vectro@PIPELINE.COM
From: Ian Turner <vectro@PIPELINE.COM>
X-To: antirez <antirez@invece.org>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000205121609.A149@nagash.suidshell.net>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Can be so easy to DoS cryptographic software?
Yes. If you don't trust your users to not deplete the entropy, then don't
give them permission to read it.
Ian Turner
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE4n0Knfn9ub9ZE1xoRArR6AJ9uE8C4oHKQ71PVzZSp7yz2valw4ACghKde
/Yru8+uLeM0gSi3bBRWz1kQ=
=CXya
-----END PGP SIGNATURE-----
