Steve Langasek writes ("Re: Crypto consolidation in debian ?"):
> Changing the uid of the calling application is *not* an acceptable side
> effect for a library and I can't imagine how anyone could believe that it
> is. Unfortunately that seems to leave nss_ldap caught between an SSL
> implementation with a perverse license, and an SSL implementation whose
> upstream has perverse ideas about library handling of process state.
This is free software, right ? We could simply fix our gcrypt.
To avoid accidentally introducing security problems, we could have our
gcrypt read a global variable set by calling programs or libraries, or
something.
Ian.
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/19925.2731.458099.135...@chiark.greenend.org.uk
