From owner-freebsd-audit Sun Nov 28 11:33:52 1999 Delivered-To: freebsd-audit@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 0F50B14C28; Sun, 28 Nov 1999 11:33:50 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id E90B81CD42D; Sun, 28 Nov 1999 11:33:50 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Sun, 28 Nov 1999 11:33:50 -0800 (PST) From: Kris Kennaway To: Dan Moschuk Cc: Warner Losh , freebsd-audit@FreeBSD.ORG Subject: Re: Last random PID patch before commit In-Reply-To: <19991128142407.B33514@november.jaded.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 28 Nov 1999, Dan Moschuk wrote: > The only problem with the /dev/random stream is that it will not have > sufficient entropy built up by the time the arc4_init() is likely to > be called, at bootup. Have you tested this? I repeat, even if there was zero entropy in the pool, seeding with time + /dev/random (i.e. what arc4random() does in openbsd, and probably ours too) it is as strong as your current seeding. If you even have 1 bit, it becomes better. > Not to say that the way I initialize it is any better, but it will work until > "The best" solution can be found. The existing arc4random() reseeds every 128 calls, which means that, at worst, the first 128 pids you spawn will be weakly random. Under your current system, every process spawned by the system forever is weakly random. Kris ---- Just remember, as you celebrate Thanksgiving with your family feasts of turkey, cranberries, stuffing, gravy, mashed potatoes, squash, corn, cornbread, apples, pickles, dumplings, fish, orangutans, fruitbats, breakfast cereals, and so forth, to keep in mind the true reason for the season: The birth of Santa. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message