From: patrick@Verity.COM (Patrick Horgan)
Date: Thu, 21 Sep 95 08:28:18 PDT
To: karlton@netscape.com
Subject: Re: "random" number seeds vs. Netscape
Message-ID: <9509211524.AA17588@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


Philip L. Karlton said:
> 
> I agree, but I have a hard arguing with those that asser that the security
> of UNIX is weak enough that given what we are doing for the patch it will
> be easier to become root from a logged in account than to hack the seed.
> 
Why would you have to argue with them?  When they say that's it's easier to 
become root from a logged in account tell them, "Good, that's just as it 
should be!"  It's a feature, not a problem!

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/