mirror of
git://git.code.sf.net/p/cdesktopenv/code
synced 2025-03-09 15:50:02 +00:00
No description
dtlogin's genauth routines were trying to open and read /dev/mem on linux and (presumably) bsd systems in order to obtain random data used in creating an auth key. This is bad for a variety of reasons. Newer linux kernels (at least on 3.2) issue the following warning to the kernel logs: "Program dtlogin tried to access /dev/mem between 100000->102000." Now on linux we will use /dev/urandom, and on CSRG_BASED (bsd) systems we will use /dev/random to obtain some entropy. |
||
---|---|---|
cde |