Date: Tue, 24 Jul 2012 08:37:21 -0400 From: David Schultz <das@FreeBSD.ORG> To: Doug Barton <dougb@FreeBSD.ORG> Cc: src-committers@FreeBSD.ORG, Pawel Jakub Dawidek <pjd@FreeBSD.ORG>, svn-src-all@FreeBSD.ORG, svn-src-head@FreeBSD.ORG, Konstantin Belousov <kostikbel@gmail.com>, Andrey Chernov <ache@FreeBSD.ORG>, markm@FreeBSD.ORG Subject: Re: svn commit: r238118 - head/lib/libc/gen Message-ID: <20120724123721.GA65519@zim.MIT.EDU> In-Reply-To: <4FF4AC3D.9070109@FreeBSD.org> References: <201207041951.q64JpPXu029310@svn.freebsd.org> <20120704200220.GM2337@deviant.kiev.zoral.com.ua> <20120704203239.GA42326@vniz.net> <4FF4AC3D.9070109@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jul 04, 2012, Doug Barton wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 07/04/2012 13:32, Andrey Chernov wrote: > > 1) /dev/urandom may not exist in jails/sandboxes > > That would be a pretty serious configuration error. Yes -- but the scary part is that arc4random() is not fail-safe at all. If /dev/random isn't there, you just silently get predictable "randomness". If you needed that randomness for cryptographic purposes you're out of luck; you might as well have used rot13. Using the sysctl doesn't fix the failure mode (in fact, as I recall the sysctl dubiously never reports failure even if there is no entropy), but there's a narrower set of circumstances under which the sysctl can fail.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120724123721.GA65519>