From owner-freebsd-security@FreeBSD.ORG Mon Sep 17 00:23:46 2012 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AFBF1106564A for ; Mon, 17 Sep 2012 00:23:46 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-wg0-f50.google.com (mail-wg0-f50.google.com [74.125.82.50]) by mx1.freebsd.org (Postfix) with ESMTP id 31A678FC15 for ; Mon, 17 Sep 2012 00:23:45 +0000 (UTC) Received: by wgi16 with SMTP id 16so348460wgi.31 for ; Sun, 16 Sep 2012 17:23:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; bh=klTGJwH5CXGZAh2ZmbbZnIuNU7c8Rzw6Z1YLWknMpMg=; b=pnRtKt6UhocQGqukmUY8ni9tbMXd3k83n/uAwSgaKr361epN8LkiYO6TquRGFD0PCK zbkcxzUd+0ySEyUfSpdOgyyVoz52P9/Sjag36lsWUtpgG36nMB5OG+ENq4aeLWntZWHP VGVG2ag0zre9eqxFS+nyjRS68IfcT3evddzKmRV9juGgASdUY3GlB5hx/gselXSWTmKb +paoFE5ooIPbmh5CsHJWogX9ak47ccFw930No2S5stexeJG4c8xkuqM56TKNZvQiwYqc zNVLoI3KWOeZblsa/hL1QRZZ1UJShDD4nXDF3bh+fn3e9nYz7oxHmIFrAPVzty+PPIXY zWVw== Received: by 10.216.167.135 with SMTP id i7mr4948411wel.97.1347841424715; Sun, 16 Sep 2012 17:23:44 -0700 (PDT) Received: from gumby.homeunix.com (87-194-105-247.bethere.co.uk. [87.194.105.247]) by mx.google.com with ESMTPS id fb20sm21459787wid.1.2012.09.16.17.23.42 (version=SSLv3 cipher=OTHER); Sun, 16 Sep 2012 17:23:43 -0700 (PDT) Date: Mon, 17 Sep 2012 01:23:41 +0100 From: RW To: freebsd-security@freebsd.org Message-ID: <20120917012341.79cc8ce2@gumby.homeunix.com> In-Reply-To: <50564446.80606@FreeBSD.org> References: <50453686.9090100@FreeBSD.org> <50564446.80606@FreeBSD.org> X-Mailer: Claws Mail 3.8.1 (GTK+ 2.24.6; amd64-portbld-freebsd8.3) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: Proposed fix; stage 1 (Was: svn commit: r239569 - head/etc/rc.d) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Sep 2012 00:23:46 -0000 On Sun, 16 Sep 2012 14:27:34 -0700 Doug Barton wrote: > Finally, I still think that making changes to the entropy-feeding > methods in initrandom or random are premature until we have a chance > to review Arthur's work on what's actually happening with the buffer. > Until we know where the problems are, we're only guessing as to what > the fixes should be. The results are likely to be dependent on hardware, so it's going to be difficult to get a complete picture. In particular I'd suggest pre-caching ls and /entropy to simulate very fast flash drives.