Date: Sun, 28 Nov 1999 12:11:52 -0700 From: Warner Losh <imp@village.org> To: Dan Moschuk <dan@FreeBSD.ORG> Cc: Kris Kennaway <kris@hub.freebsd.org>, freebsd-audit@FreeBSD.ORG Subject: Re: Last random PID patch before commit Message-ID: <199911281911.MAA85867@harmony.village.org> In-Reply-To: Your message of "Sun, 28 Nov 1999 13:04:32 EST." <19991128130432.C33028@november.jaded.net> References: <19991128130432.C33028@november.jaded.net> <19991128012420.A48334@spirit.jaded.net> <Pine.BSF.4.21.9911280042420.89688-100000@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <19991128130432.C33028@november.jaded.net> Dan Moschuk writes: : Correct. That's probably not the best way of doing it, however, I'm not : convinced that /dev/random is the best way either. My other idea was to : leave key[256] uninitialized and just use whatever happens to be there. Hmmm. I think this is a bad idea. The key won't be sufficently random since you can count on a number of bits in the stack garbage being set due to kernel addresses. This weakens the resulting randomness from 2048 bits down to 1500ish bits (assumnig that my read of the code gives key a 8 bit size). What's wrong with the /dev/random random number stream? This is exactly the sort of thing that it is designed for.... Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911281911.MAA85867>