[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 2/2] services: Add 'dropbear-service'.
From: |
Leo Famulari |
Subject: |
Re: [PATCH 2/2] services: Add 'dropbear-service'. |
Date: |
Sat, 9 Jul 2016 14:32:06 -0400 |
User-agent: |
Mutt/1.6.0 (2016-04-01) |
On Sat, Jul 09, 2016 at 04:39:02PM +0200, David Craven wrote:
> Yeah, I should have better said I don't know instead of talking out of my ass.
That's harsh! I'm not an expert either, but I have begun trying to
understand the assumptions that programs like SSH daemons make in their
security model. In some cases, they assume that /dev/urandom has been
properly seeded, which it typically is not after first boot.
> All I can really do is trust that the people who write security
> related code know what they are doing.
Right, but like I said above, we must make an effort to know the
assumptions they are making about the system.
> Is there anything else holding this up?
I'm not the best person to review new services — they are still a little
over my head. At least, I should not be the sole reviewer.
In the meantime, can you provide an OS declaration (config.scm) that
makes use of dropbear-service so we can easily test it?
I'd like for this to become standard practice when new services are
submitted for review.
- [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh), David Craven, 2016/07/04
- Re: [PATCH 2/2] services: Add 'dropbear-service'., Leo Famulari, 2016/07/09
- Re: [PATCH 2/2] services: Add 'dropbear-service'., Leo Famulari, 2016/07/09
- Re: [PATCH 2/2] services: Add 'dropbear-service'., David Craven, 2016/07/09
- Re: [PATCH 2/2] services: Add 'dropbear-service'., David Craven, 2016/07/09
- Re: [PATCH 2/2] services: Add 'dropbear-service'., Ludovic Courtès, 2016/07/11
- Re: [PATCH 2/2] services: Add 'dropbear-service'., David Craven, 2016/07/13
- Re: [PATCH 2/2] services: Add 'dropbear-service'., David Craven, 2016/07/13
- Re: [PATCH 2/2] services: Add 'dropbear-service'., David Craven, 2016/07/13
Re: [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh), Efraim Flashner, 2016/07/05