From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([208.118.235.92]:40084) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SPWn4-0006gO-27 for qemu-devel@nongnu.org; Wed, 02 May 2012 06:28:15 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1SPWmy-0002H9-L4 for qemu-devel@nongnu.org; Wed, 02 May 2012 06:28:09 -0400 Received: from verein.lst.de ([213.95.11.211]:45525 helo=newverein.lst.de) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SPWmy-0002Gj-Et for qemu-devel@nongnu.org; Wed, 02 May 2012 06:28:04 -0400 Date: Wed, 2 May 2012 12:28:02 +0200 From: Christoph Hellwig Message-ID: <20120502102802.GA28788@lst.de> References: <20120501212040.27850.27184.stgit@sifl> <4FA0699D.6090302@suse.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4FA0699D.6090302@suse.de> Subject: Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Andreas F??rber Cc: Paul Moore , Stefan Weil , qemu-devel@nongnu.org On Wed, May 02, 2012 at 12:54:21AM +0200, Andreas F??rber wrote: > > + fds = fopen("/proc/sys/crypto/fips_enabled", "r"); > > How standardized is this? Should we limit this to __linux__ or something? It's completelt non-standard and doesn't even exist in mainline Linux. All the FIPS bullshit is a RHEL-private feature, which is where this patch should stay as well.