Date: Sun, 24 Jul 2005 08:37:11 +0930 From: Greg 'groggy' Lehey <grog@lemis.com> To: "M. Warner Losh" <imp@bsdimp.com> Cc: dougb@freebsd.org, freebsd-current@freebsd.org Subject: Re: cvs commit: src/games/fortune/fortune fortune.c Message-ID: <20050723230711.GD842@wantadilla.lemis.com> In-Reply-To: <20050723.130941.93453281.imp@bsdimp.com> References: <20050723020120.GV842@wantadilla.lemis.com> <42E1DFCE.6090506@FreeBSD.org> <20050723064449.GZ842@wantadilla.lemis.com> <20050723.130941.93453281.imp@bsdimp.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--lBPdJKrYqo3eKYSb Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Saturday, 23 July 2005 at 13:09:41 -0600, M. Warner Losh wrote: > In message: <20050723064449.GZ842@wantadilla.lemis.com> > "Greg 'groggy' Lehey" <grog@freebsd.org> writes: >> You should take a look at what I committed. It simply uses the >> microsecond value returned by getlocaltime() for the automatic seeding >> by srandomdev(). It fixes the problem. I can see only two >> explanations: >> >> 1. srandomdev(), random(4) or friends are broken. >> 2. random(4) has been initialized incorrectly. >> >> Currently I'm guessing (2), but I don't care much either way. > > When sradnomdev() is broken, *DO*NOT* kludge around them by > committing half-baked "fixes" like you did. This code is good enough for fortune. Nobody's claiming that it's a solution to random number generation. Others should look at that aspect, not get involved in a commit war. > It is broken. We need to find out the *REAL* cause of the problem. Agreed. Is anybody doing that? It's not my area. > If Rush gets more quotes than normal, and that annoys people to find > the real problem, we shouldn't mask it. It is a really bad choice > from a security point of view. So it's better to back perfectly valid code rather than to look for the real culprit? What kind of security is that? Greg -- The virus once contained in this message has lost interest in life, shrivelled up and died. LEMIS anti-virus has given it an appropriate burial. For further details see http://www.lemis.com/grog/lemis-virus.html Finger grog@lemis.com for PGP public key. See complete headers for address and phone numbers. --lBPdJKrYqo3eKYSb Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFC4s2fIubykFB6QiMRAi6FAJwPe8xnesZGxYkB0o1zgEBV6Q2hlgCgnnUy +FBVfHbHspqjSQL+NmzyJh4= =3/lv -----END PGP SIGNATURE----- --lBPdJKrYqo3eKYSb--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050723230711.GD842>