Date:      Sun, 20 Jan 2002 23:04:56 +0300
From:      "Andrey A. Chernov" <ache@nagual.pp.ru>
To:        Mark Murray <mark@grondar.za>
Cc:        des@freebsd.org, current@freebsd.org
Subject:   Re: Step1, pam_unix srandomdev fix for review
Message-ID:  <20020120200455.GC24138@nagual.pp.ru>
In-Reply-To: <200201201955.g0KJtVt32805@grimreaper.grondar.org>
References:  <20020120185334.GA23348@nagual.pp.ru> <200201201955.g0KJtVt32805@grimreaper.grondar.org>

On Sun, Jan 20, 2002 at 19:55:31 +0000, Mark Murray wrote:
> 
> This works, but strikes me as overkill. This is salt, not cryptographic
> randomness, so 'srandom(junk)' is most likely better as a replacement
> for srandomdev() (where 'junk' can be time(), pid or anything similar).

You can't call srandom() from the libraries for the same purposes as 
srandomdev(), i.e. it damages the user application's current RNG state in the 
same way.

I mean this:

1) User calls srandom(3)

2) Library calls srandomdev() or srandom(123)

The second step effectively damages the srandom(3) RNG state.

-- 
Andrey A. Chernov
http://ache.pp.ru/
