On 5/2/22 08:56, Ian Pilcher wrote:
IMO, there's a rather desperate need to be able to override the
system-
wide policy for individual processes, maybe via some sort of wrapper
around one of the containerization technologies.
Just FYI, I managed to bang out a proof of concept of a "wrapper" that
runs a program with a different crypto policy. I've successfully used
it to connect to a TLSv1-only HTTP server with both Firefox and curl on
a Fedora 36 system running the DEFAULT crypto policy.
https://bugzilla.redhat.com/show_bug.cgi?id=2064740#c8
--
========================================================================
Google Where SkyNet meets Idiocracy
========================================================================