From owner-freebsd-hackers@FreeBSD.ORG Sat Jul 9 17:15:01 2005 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B8F4F16A41C for ; Sat, 9 Jul 2005 17:15:01 +0000 (GMT) (envelope-from sam@errno.com) Received: from ebb.errno.com (ebb.errno.com [66.127.85.87]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6D5C743D48 for ; Sat, 9 Jul 2005 17:15:01 +0000 (GMT) (envelope-from sam@errno.com) Received: from [66.127.85.94] ([66.127.85.94]) (authenticated bits=0) by ebb.errno.com (8.12.9/8.12.6) with ESMTP id j69HExms064179 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 9 Jul 2005 10:15:00 -0700 (PDT) (envelope-from sam@errno.com) Message-ID: <42D0062F.3020303@errno.com> Date: Sat, 09 Jul 2005 10:15:27 -0700 From: Sam Leffler Organization: Errno Consulting User-Agent: Mozilla Thunderbird 1.0.2 (Macintosh/20050317) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Jeremie Le Hen References: <20050708153506.GM39292@obiwan.tataz.chchile.org> <20050708192104.Q26713@odysseus.silby.com> <20050709081550.GR39292@obiwan.tataz.chchile.org> In-Reply-To: <20050709081550.GR39292@obiwan.tataz.chchile.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-hackers@freebsd.org Subject: Re: ProPolice: best way to fill canary X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 Jul 2005 17:15:01 -0000 Jeremie Le Hen wrote: > Hi Mike, > > On Fri, Jul 08, 2005 at 07:22:13PM -0500, Mike Silbersack wrote: > >>On Fri, 8 Jul 2005, Jeremie Le Hen wrote: >> >>>The second method requires to introduce the kern.arnd sysctl >>>(KERN_ARND). FYI, note that NetBSD has kern.urandom (KERN_URND) and >>>they define KERN_ARND to be an alias to this. >> >>I don't see any problem with introducing such a sysctl, if it would make >>the propolice patch simpler. > > > Thanks for you answer. In that case, which sysctl should we use ? > > * OpenBSD's kern.arnd (KERN_ARND) which is a front-end to > the arc4random() function ? > > * NetBSD's kern.urandom (KERN_URND) which is using the rnd(4) > pseudo-device. They also have KERN_ARND in sysctl.h, which > is no more than a #define of KERN_URND, for compatibility > with OpenBSD. > > Usually, I noticed that FreeBSD used to be as close as possible with > NetBSD. But I would like to hear the voice of a more experienced > hacker about this. > I asked a certain person to add the obsd sysctl long ago but it never happened. Sam