Date: Tue, 24 Dec 2013 14:36:10 -0800 From: Paul Hoffman <phoffman@proper.com> To: d@delphij.net Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>, FreeBSD Current <freebsd-current@freebsd.org>, Pawel Jakub Dawidek <pjd@FreeBSD.org> Subject: Re: [PATCH RFC] Disable save-entropy in jails Message-ID: <278988C7-1749-413D-A5E2-ABE6753B3766@proper.com> In-Reply-To: <52B9F232.1090002@delphij.net> References: <52B9F232.1090002@delphij.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 24, 2013, at 12:44 PM, Xin Li <delphij@delphij.net> wrote: > I think we shouldn't save entropy inside jails, as the data is not = going > to be used by rc script (pjd@126744). If there is no objections, I = will > commit this changeset on January 1, 2014. Even if it is not used by an rc script, it might be used by some = userland program (running as root, of course) that knows about the = directory and wants some fresh entropy for its own use. Is there a problem with saving the directory in jails? It certainly = isn't taking up much space. --Paul Hoffman=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?278988C7-1749-413D-A5E2-ABE6753B3766>