[Pkg-openssl-devel] Bug#689490: openssl: using openssl from maintainer scripts creates /root/.rnd
Kurt Roeckx
kurt at roeckx.be
Wed Oct 3 16:05:21 UTC 2012
On Wed, Oct 03, 2012 at 11:43:48AM +0200, Andreas Beckmann wrote:
> Package: openssl
> Version: 1.0.1c-4
> Severity: important
> User: debian-qa at lists.debian.org
> Usertags: piuparts
>
>
> Hi,
>
> while doing piuparts tests I noticed several packages leaving around a
> /root/.rnd file. The thing all these have in common is a (indirect)
> dependency on openssl:
>
> courier-mta-ssl
> courier-imap-ssl
> courier-pop-ssl
> dovecot-core
> (perhaps more)
>
> I think this is a FHS violation, dropping anything in root's HOME.
> Wouldn't /var/lib/openssl/rnd be a more appropriate place?
Oh, you want random users to write to root's .rnd file? That sounds
like a good idea.
Kurt
More information about the Pkg-openssl-devel
mailing list