bug#240: random_seed file = SECURITY BUG

Johan Wevers johanw@vulcan.xs4all.nl
Thu, 17 Aug 2000 21:41:59 +0200 (MET DST)


Paul Rubin wrote:


> No he can't. GPG and my login script are write protected. But the
> random_seed file has to be world writeable or else my cgi script can't
> update it (since the cgi script runs as "nobody").
Can't this be changed? I made a special user to run Apache under when I setup a webserver for a client to prevent this kind of problems. -- ir. J.C.A. Wevers // Physics and science fiction site: johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html -- Archive is at http://lists.gnupg.org - Unsubscribe by sending mail with a subject of "unsubscribe" to gnupg-users-request@gnupg.org