Re: new /dev/random

From: Paul Rubin (//phr.cx_at_NOSPAM.invalid)
Date: 10/06/04


Date: 06 Oct 2004 14:08:20 -0700

Jean-Luc Cooke <jlcooke@engsoc.org> writes:
> My patch satifies all the assuptions the legacay /dev/random does since
> it keeps all the blocking behaviour and entropy estimation.

Your patch is pointless unless it has some concrete claim to improving
on the legacy system. The legacy system has a known bug. Why does
your patch duplicate the bug instead of fixing it?

> The recomendation that wdagner and team suggested "seed every compile of
> the RNG with some data from /dev/urandom at compile-time" is being looked
> at right now, I want to do it cleanly.

I think Bodo Moeller's suggestion of putting something into the boot
sequence is also worthwhile, though it falls outside the kernel. I'd
say it's cleanest to just put it into the bootup command line, e.g.

   grub> kernel /vmlinuz randomiv=aa64c5313d01b3a2 ....

Alternatively, maybe it could go into the initrd image. This stuff is
outside my area though.



Relevant Pages

  • Weekly Python Patch/Bug Summary
    ... Patch / Bug Summary ... http://python.org/sf/606098 closed by rhettinger ... http://python.org/sf/1088716 closed by loewis ...
    (comp.lang.python)
  • [Full-Disclosure] RE: [kinda-but-not-really-Full-Disclosure-so-we-feel-warm-and-fuzzy] Re: <to va
    ... Because it must be realised that as soon as a patch and or advisory is ... there are global teams of people working to discover and exploit said bug. ... quiet and MS just released patches for 'undisclosed' problems... ... > engineer a ms patch to find the changed code and produce a working ...
    (Full-Disclosure)
  • Re: Getting rid of atomic_load_acq_int(&fdp->fd_nfiles)) from fget_unlocked
    ... looked at the patch 1. ... A cast of a value to a qualified type has no effect; ... using volatile semantics, the technique is to cast the address of the ... just the first bug in it. ...
    (freebsd-arch)
  • RE: Mailslot bug (MS06-035) vs non-Mailslot bug (CVE-2006-3942)
    ... made patch for SRV.SYS. ... vulnerabilities that everyone is so afraid to talk about. ... the mailslot bug, and they didn't have any technical details to turn to, ... So keep on truckin Core Security, Michal Zalewski, and even ...
    (Bugtraq)
  • Re: Cant take skilled talent?
    ... least playing an easier version of the game than everyone else has. ... mind changing or removing the patch if TB emailed me about it. ... -fixing skilled bug is good ... The patch simply stops the monsters from growing too powerful compared to the ...
    (rec.games.roguelike.adom)