diff options
Diffstat (limited to 'cipher')
| -rw-r--r-- | cipher/ChangeLog | 5 | ||||
| -rw-r--r-- | cipher/rndunix.c | 9 |
2 files changed, 13 insertions, 1 deletions
diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 75c143ff3..ef01c1dd4 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,8 @@ +2004-10-14 Werner Koch <[email protected]> + + * rndunix.c (start_gatherer) [ENABLE_SELINUX_HACKS]: Don't allow + logging. + 2004-10-12 David Shaw <[email protected]> * algorithms.h, cast5.c, cipher.c, idea-stub.c, twofish.c, diff --git a/cipher/rndunix.c b/cipher/rndunix.c index a07fde325..c3b5cf8e2 100644 --- a/cipher/rndunix.c +++ b/cipher/rndunix.c @@ -652,6 +652,13 @@ start_gatherer( int pipefd ) FILE *dbgfp = NULL; int dbgall; +#ifdef ENABLE_SELINUX_HACKS + /* We don't allow writing to the log file because this might be + sued to corrupt a secured file. Given that this is used as a + library by the ../g10/ code, we can't access the check function + from ../g10/misc.c. */ + dbgall = 0; +#else { const char *s = getenv("GNUPG_RNDUNIX_DBG"); if( s ) { @@ -664,7 +671,7 @@ start_gatherer( int pipefd ) } dbgall = !!getenv("GNUPG_RNDUNIX_DBGALL"); } - +#endif /* Set up the buffer */ gather_buffer_size = GATHER_BUFSIZE; |