fwd: What good is this really going to be?

Thomas Roessler roessler at guug.de
Wed Dec 9 01:19:03 CET 1998


On Tue, Dec 08, 1998 at 03:35:56PM -0800, brian moore wrote:

> I'd be willing to contribute something to snarf a bunch of bytes
> from /dev/audio on Solaris (would have to be suid-root to do that,
> but shouldn't be too hard to make safe).

How about putting this functionality into an external helper
program?  This can be made secure and suid root without too much
risk.  GPG could invoke this program and communicate over a pipe:
GPG writes a number, and the "random source program" replies with
the corresponding number of random bytes.  Markus Kuhn has something
really nice along these lines for his one-time password system.
Should be somewhere around on:

		   http://www.cl.cam.ac.uk/~mgk25/
		   
tlr
-- 
Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/
     2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1




More information about the Gnupg-devel mailing list