Great Circle Associates Majordomo-Workers
(November 1998) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: current CVS, insecure dependencies..
From: Dave Barr <barr @ cis . ohio-state . edu>
Organization: The Ohio State University, Dept of Computer and Info Science
Date: Mon, 09 Nov 1998 09:06:18 -0500
To: Jason L Tibbitts III <tibbs @ hpc . uh . edu>
Cc: majordomo-workers @ GreatCircle . COM
References: <36434956.37CE3243@cis.ohio-state.edu> <ufau30cqx74.fsf@sina.hpc.uh.edu> <36437836.8F8E086B@cis.ohio-state.edu> <ufaaf24pf6o.fsf@sina.hpc.uh.edu> 
Jason L Tibbitts III wrote:
> 
> Can you try this?  My best guess now is that MD5 passes tainting on to the
> digest.  This isn't a problem for us, since we put that together with some
> random bits and grind it through MD5.

Hm, that seems to have fixed it, at least for my initial test case.

--Dave
-- 
http://www.cis.ohio-state.edu/~barr/
barr@cis.ohio-state.edu
References:
Indexed By Date Previous: Re: Mj2 now maintains your aliases
From: Dave Hayes <dave@jetcafe.org>
Next: Re: mj_digest (1.94.4) lock problem
From: Dave Wolfe <dwolfe@risc.sps.mot.com>
Indexed By Thread Previous: Re: current CVS, insecure dependencies..
From: Jason L Tibbitts III <tibbs@hpc.uh.edu>
Next: mj_digest (1.94.4) lock problem
From: "Brian L. Heess" <dmbong@commline.com>
Google
 
Search Internet Search www.greatcircle.com