From owner-freebsd-security@FreeBSD.ORG  Tue Sep 18 08:13:56 2012
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 764FB106564A;
	Tue, 18 Sep 2012 08:13:56 +0000 (UTC)
	(envelope-from benlaurie@gmail.com)
Received: from mail-vc0-f182.google.com (mail-vc0-f182.google.com
	[209.85.220.182])
	by mx1.freebsd.org (Postfix) with ESMTP id C29D38FC1B;
	Tue, 18 Sep 2012 08:13:55 +0000 (UTC)
Received: by vcbfw7 with SMTP id fw7so10606102vcb.13
	for <multiple recipients>; Tue, 18 Sep 2012 01:13:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=mime-version:sender:in-reply-to:references:date
	:x-google-sender-auth:message-id:subject:from:to:cc:content-type;
	bh=pT3VFemkei+4oZ7/GrI9Fe+A1Bg49GDN+N83tuABqfo=;
	b=qxhio3nVV2STw8Du8RS2boiaaDKXnanfL37tGHXV8+6GGkZvQOEGmLSDlmBQcYGMCf
	6+rYZP4h6Quv3ImMt9yvyx23fNrmIcMQp4AbYez5v9/Bv4oLVDpfdm7D1mtBF3eMbTIN
	f8eCXT1EOLd2iHC/219K+2jiuxuAiPKjSVAtYM++P1/u1F7DP8lU47W3BYRQsEpE2xLv
	WNQAWl+ru6OK+3cm/Hlkinb1iukTnbwTMshcrWOWazAnzvqyUJGxxNRY0RUMTLPEp/Zg
	A6o0tMk65TjvPTM8EbhfO7/C+YytlxXDVShPb+xxfeOfIg+wC+Le6scIVoQFszVmsJ1G
	XPCQ==
MIME-Version: 1.0
Received: by 10.52.38.40 with SMTP id d8mr4692993vdk.67.1347956028629; Tue, 18
	Sep 2012 01:13:48 -0700 (PDT)
Sender: benlaurie@gmail.com
Received: by 10.58.79.243 with HTTP; Tue, 18 Sep 2012 01:13:48 -0700 (PDT)
In-Reply-To: <50564446.80606@FreeBSD.org>
References: <50453686.9090100@FreeBSD.org> <20120912213141.GI14077@x96.org>
	<20120913052431.GA15052@dragon.NUXI.org>
	<alpine.BSF.2.00.1209131258210.13080@ai.fobar.qr>
	<alpine.BSF.2.00.1209141336170.13080@ai.fobar.qr>
	<E1TCXN0-000NFT-7I@groundzero.grondar.org>
	<CAG5KPzwOdCkybj3D5uic1KC-pwW-pewgsrqrXg60f5SJjtzYPw@mail.gmail.com>
	<E1TCbDG-0002Hz-9D@groundzero.grondar.org>
	<CAG5KPzzRxzVX-+9fYjRdqjY-wScbM6AA7GYtLmktgMG0Zg8iyQ@mail.gmail.com>
	<E1TCbSz-0007CJ-BI@groundzero.grondar.org>
	<CAG5KPzyJNmXRfxtPPrdc2zVCsxGtDfJT79YC3a1PNUfOOSzt8A@mail.gmail.com>
	<E1TCcIq-000Brr-Ex@groundzero.grondar.org>
	<CAG5KPzwEESg7iUb2+-kAN+k55M95BZjh5VaSvxzSsSCVuZ9kMw@mail.gmail.com>
	<E1TCdlD-000C1N-4g@groundzero.grondar.org>
	<CAG5KPzzFO1H5Wcx34oXi09=aJqg5w+XWSd8fnn0Byvpy_8+-rA@mail.gmail.com>
	<E1TCpk1-000N2H-Vq@groundzero.grondar.org>
	<CAG5KPzymZY0ua2cAkzB-MK54G2WbWYi9J01c8YW4F9LOdVvc9A@mail.gmail.com>
	<E1TDHb0-000FIh-0Z@groundzero.grondar.org>
	<50564446.80606@FreeBSD.org>
Date: Tue, 18 Sep 2012 09:13:48 +0100
X-Google-Sender-Auth: ITwjvANm9ujp9oP0lsrsuFUlhq0
Message-ID: <CAG5KPzxPkZUtQK6kT2tYdjngcLW+aSy9c24QYGrLrepQNOwnHA@mail.gmail.com>
From: Ben Laurie <benl@freebsd.org>
To: Doug Barton <dougb@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
Cc: Arthur Mesh <arthurmesh@gmail.com>,
	Ian Lepore <freebsd@damnhippie.dyndns.org>,
	freebsd-security@freebsd.org, RW <rwmaillists@googlemail.com>
Subject: Re: Proposed fix; stage 1 (Was: svn commit: r239569 - head/etc/rc.d)
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Sep 2012 08:13:56 -0000

On Sun, Sep 16, 2012 at 10:27 PM, Doug Barton <dougb@freebsd.org> wrote:
> Finally, I still think that making changes to the entropy-feeding
> methods in initrandom or random are premature until we have a chance to
> review Arthur's work on what's actually happening with the buffer. Until
> we know where the problems are, we're only guessing as to what the fixes
> should be.

I agree that buffering should be addressed first.