From owner-cvs-all@FreeBSD.ORG  Fri Aug 15 12:59:39 2003
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 012D537B401; Fri, 15 Aug 2003 12:59:39 -0700 (PDT)
Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.157.42])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 6F23643FAF; Fri, 15 Aug 2003 12:59:37 -0700 (PDT)
	(envelope-from mark@grondar.org)
Received: from storm.FreeBSD.org.uk (Ugrondar@localhost [127.0.0.1])
	by storm.FreeBSD.org.uk (8.12.9/8.12.9) with ESMTP id h7FJxVHo073996;
	Fri, 15 Aug 2003 20:59:31 +0100 (BST)
	(envelope-from mark@grondar.org)
Received: (from Ugrondar@localhost)h7FJxVKv073995;
	Fri, 15 Aug 2003 20:59:31 +0100 (BST)
X-Authentication-Warning: storm.FreeBSD.org.uk: Ugrondar set sender to
	mark@grondar.org using -f
Received: from grondar.org (localhost [127.0.0.1])h7FJstOI004259;
	Fri, 15 Aug 2003 20:54:55 +0100 (BST)
	(envelope-from mark@grondar.org)
From: Mark Murray <mark@grondar.org>
Message-Id: <200308151954.h7FJstOI004259@grimreaper.grondar.org>
To: Sam Leffler <sam@errno.com>
In-Reply-To: Your message of "Fri, 15 Aug 2003 12:17:46 PDT."
             <88549156.1060949866@melange.errno.com> 
Date: Fri, 15 Aug 2003 20:54:54 +0100
Sender: mark@grondar.org
X-Spam-Status: No, hits=0.2 required=5.0
	tests=EMAIL_ATTRIBUTION,FROM_NO_LOWER,IN_REP_TO,
	      QUOTED_EMAIL_TEXT,REPLY_WITH_QUOTES
	version=2.55
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)
cc: cvs-src@FreeBSD.org
cc: src-committers@FreeBSD.org
cc: cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/libkern arc4random.c 
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Aug 2003 19:59:39 -0000

Sam Leffler writes:
> > Having a /dev/random which is sometimes (chroot/jail) means that
> > applications running under those circumstances are incredible fragile
> > to spoofing by creating a fake "/dev/random" in some way.
> 
> openbsd defined a sysctl to get data from arc4random.  They use this as a 
> fallback if /dev/random or similar is not available.  Applications that 
> wanted to be paranoid about spoofing could use this directly.  I have not 
> compared the goodness of the data from /dev/random and arc4random.

I am working on an openbsd-compatible sysctl.

M
--
Mark Murray
iumop ap!sdn w,I idlaH