John-Mark Gurney <[email protected]> writes: > Mike Tancsa <[email protected]> writes: > > John-Mark Gurney <[email protected]> writes: > > > My patch would only effect userland applications that use /dev/crypto... > > For me its ssh which I think does, no ? > It looks like it uses OpenSSL for it's crypto, not /dev/crypto...
It uses OpenSSL engines, which use /dev/crypto. This is why we had to turn off sandbox mode - a CRIOGET ioctl fails because the sandbox code sets RLIMIT_NOFILES to 0. (trimming security@ from the cc: list as it's an alias for secteam@ which is not the appropriate venue for this discussion.) DES -- Dag-Erling Smørgrav - [email protected] _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[email protected]"
