On Wed, Feb 17, 1999, Roman Maeder wrote:
> are there any reasons I am not aware of not to point SSLSessionCache and
> SSLMutex into /tmp, which on my machine (Solaris 2.5.1) is served from
> the swap area, so it is quite a bit faster than is a real hard disk?
> Concerns about attacks from local users are irrelevant in my case.
> These files shouldn't grow too much, should they?
>
> SSLSessionCache dbm:/tmp/ssl_scache
> SSLMutex file:/tmp/ssl_mutex
>
> with such a mount entry:
>
> /tmp on swap read/write on Sa Jan 23 18:25:24 1999
The DBM file can grow too much for you and the Mutex will not really benefit
dramatically by staying in the RAM disk IMHO. So, I'm not convinced this is
what you really want to do.
> one more, unrelated question: Solaris 2.5.1 seems to lack /dev/random.
> Any tips on what files to use as source for randomness, such as
> /var/log/maillog, a different virtual hosts' server access log?
Yes, use /var/adm/messages, the Apache access log, etc. Or when a fast server
startup is not important for you, you can also compile the truerand program
from the mod_ssl distribution and use this. It provides really good random
stuff, because it's based on the Unix process scheduler and it's mostly
unpredictable context switches.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
