John-Mark Gurney <j...@funkthat.com> writes: > Mike Tancsa <m...@sentex.net> writes: > > John-Mark Gurney <j...@funkthat.com> writes: > > > My patch would only effect userland applications that use /dev/crypto... > > For me its ssh which I think does, no ? > It looks like it uses OpenSSL for it's crypto, not /dev/crypto...
It uses OpenSSL engines, which use /dev/crypto. This is why we had to turn off sandbox mode - a CRIOGET ioctl fails because the sandbox code sets RLIMIT_NOFILES to 0. (trimming security@ from the cc: list as it's an alias for secteam@ which is not the appropriate venue for this discussion.) DES -- Dag-Erling Smørgrav - d...@des.no _______________________________________________ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
