From owner-freebsd-hackers@FreeBSD.ORG  Sat Jul  9 08:15:52 2005
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
X-Original-To: freebsd-hackers@FreeBSD.org
Delivered-To: freebsd-hackers@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 23ED316A41C
	for <freebsd-hackers@FreeBSD.org>; Sat,  9 Jul 2005 08:15:52 +0000 (GMT)
	(envelope-from tataz@tataz.chchile.org)
Received: from postfix3-2.free.fr (postfix3-2.free.fr [213.228.0.169])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C0DBF43D45
	for <freebsd-hackers@FreeBSD.org>; Sat,  9 Jul 2005 08:15:51 +0000 (GMT)
	(envelope-from tataz@tataz.chchile.org)
Received: from tatooine.tataz.chchile.org
	(vol75-8-82-233-239-98.fbx.proxad.net [82.233.239.98])
	by postfix3-2.free.fr (Postfix) with ESMTP id 0FED9C068;
	Sat,  9 Jul 2005 10:15:49 +0200 (CEST)
Received: by tatooine.tataz.chchile.org (Postfix, from userid 1000)
	id 9A8A8405C; Sat,  9 Jul 2005 10:15:51 +0200 (CEST)
Date: Sat, 9 Jul 2005 10:15:50 +0200
From: Jeremie Le Hen <jeremie@le-hen.org>
To: Mike Silbersack <silby@silby.com>
Message-ID: <20050709081550.GR39292@obiwan.tataz.chchile.org>
References: <20050708153506.GM39292@obiwan.tataz.chchile.org>
	<20050708192104.Q26713@odysseus.silby.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20050708192104.Q26713@odysseus.silby.com>
User-Agent: Mutt/1.5.9i
Cc: freebsd-hackers@FreeBSD.org, Jeremie Le Hen <jeremie@le-hen.org>
Subject: Re: ProPolice: best way to fill canary
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Jul 2005 08:15:52 -0000

Hi Mike,

On Fri, Jul 08, 2005 at 07:22:13PM -0500, Mike Silbersack wrote:
> On Fri, 8 Jul 2005, Jeremie Le Hen wrote:
> >The second method requires to introduce the kern.arnd sysctl
> >(KERN_ARND).  FYI, note that NetBSD has kern.urandom (KERN_URND) and
> >they define KERN_ARND to be an alias to this.
> 
> I don't see any problem with introducing such a sysctl, if it would make 
> the propolice patch simpler.

Thanks for you answer.  In that case, which sysctl should we use ?

	* OpenBSD's kern.arnd (KERN_ARND) which is a front-end to
	  the arc4random() function ?
	
	* NetBSD's kern.urandom (KERN_URND) which is using the rnd(4)
	  pseudo-device.  They also have KERN_ARND in sysctl.h, which
	  is no more than a #define of KERN_URND, for compatibility
	  with OpenBSD.

Usually, I noticed that FreeBSD used to be as close as possible with
NetBSD.  But I would like to hear the voice of a more experienced
hacker about this.

Thanks.
Best regards,
-- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >