> In the case of OpenSSL, its environment looks vulnerable. Some obvious holes
> for a hostile user that is *NOT* going as far as decompiling the wallet:
> - the environment variable $SSL_CIPHER could be used to specify a weaker
> cipher than the bank wants;
> - $RANDFILE or /dev/random (or egd) could be replaced with a predictable
> source;
> - whatever else the CONF facility lets the user specify;
> - whatever else someone who studies the code can figure out.
I'm not sure I understand the problem. The cipher set and the random
source are set by the application not by the library. If you do not
implement SSL_CIPHER or RANDFILE in the application you develop these
will not be used in creating the TLS connection.
The same is true for the rest of the configuration options.
Jeffrey Altman * Sr.Software Designer * Kermit-95 for Win32 and OS/2
The Kermit Project * Columbia University
612 West 115th St #716 * New York, NY * 10025
http://www.kermit-project.org/k95.html * [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
