Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 25 Jul 2005 15:37:02 -0700
From:      Nate Lawson <nate@root.org>
To:        "Matthew D. Fuller" <fullermd@over-yonder.net>
Cc:        Poul-Henning Kamp <phk@haven.freebsd.dk>, src-committers@FreeBSD.org, "Andrey A. Chernov" <ache@FreeBSD.org>, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org, Colin Percival <cperciva@FreeBSD.org>, Pawel Jakub Dawidek <pjd@FreeBSD.org>
Subject:   Re: cvs commit: src/games/fortune/fortune fortune.c
Message-ID:  <42E5698E.80501@root.org>
In-Reply-To: <20050725202519.GG32805@over-yonder.net>
References:  <20050724135738.GM46538@darkness.comp.waw.pl> <64009.1122213962@phk.freebsd.dk> <20050725202519.GG32805@over-yonder.net>

next in thread | previous in thread | raw e-mail | index | archive | help
Matthew D. Fuller wrote:
> On Sun, Jul 24, 2005 at 04:06:02PM +0200 I heard the voice of
> Poul-Henning Kamp, and lo! it spake thus:
> 
>>Anyway, back in this universe:  We should not stick a lot of stuff
>>into our boot-time scripts, they are slow enough already.
> 
> 
> If it doesn't consume to much in its testing, it seems a logical
> candidate for one of the nightly or weekly runs.

Unfortunately, it won't actually buy us anything on the security front. 
    The entropy stored in / used to seed the PRNG has already been run 
through SHA-1.  And the output of the PRNG is obviously already run 
through SHA-1 also.  So any automatic test will not be able to 
distinguish the quality of the entropy from that of a simple counter.

-- 
Nate



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42E5698E.80501>