From owner-freebsd-current  Thu Oct 26 15:16:40 2000
Delivered-To: freebsd-current@freebsd.org
Received: from dragon.nuxi.com (trang.nuxi.com [209.152.133.57])
	by hub.freebsd.org (Postfix) with ESMTP id E8ECD37B479
	for <current@FreeBSD.ORG>; Thu, 26 Oct 2000 15:16:36 -0700 (PDT)
Received: (from obrien@localhost)
	by dragon.nuxi.com (8.9.3/8.9.1) id PAA07567;
	Thu, 26 Oct 2000 15:16:12 -0700 (PDT)
	(envelope-from obrien)
Date: Thu, 26 Oct 2000 15:16:12 -0700
From: "David O'Brien" <obrien@FreeBSD.ORG>
To: Matt Dillon <dillon@earth.backplane.com>
Cc: Mark Murray <mark@grondar.za>, current@FreeBSD.ORG
Subject: Re: entropy reseeding is totally broken
Message-ID: <20001026151612.B7284@dragon.nuxi.com>
Reply-To: current@FreeBSD.ORG
References: <200010262047.e9QKleY45974@earth.backplane.com> <200010262102.e9QL2ZM00703@grimreaper.grondar.za> <200010262125.e9QLPwL53609@earth.backplane.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <200010262125.e9QLPwL53609@earth.backplane.com>; from dillon@earth.backplane.com on Thu, Oct 26, 2000 at 02:25:58PM -0700
X-Operating-System: FreeBSD 5.0-CURRENT
Organization: The NUXI BSD group
X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3  90 76 5D 69 58 D9 98 7A
X-Pgp-Rsa-Keyid: 1024/34F9F9D5
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Thu, Oct 26, 2000 at 02:25:58PM -0700, Matt Dillon wrote:
>     /etc/rc already assumes that /var is writable.  I recommend that you make
>     that assumption by default... have the default entropy file be something
>     like "/var/db/entropy_seed" and allow the administrator to override it
>     with an RC variable.  You could allow the administrator to select a
>     different entropy file and you could have another RC variable which allows
>     the administrator to set a command which, when executed, returns an
>     arbitrary sequence of bytes on its stdout to initialize entropy with.

This is sweet!  Seems it would give us the full benefits of Mark's
randomdev, and fit nicely with our normal configuration framework and
gives good flexibility.

-- 
-- David  (obrien@FreeBSD.org)
          GNU is Not Unix / Linux Is Not UniX


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message