From owner-cvs-all  Tue Oct 24  9: 6:37 2000
Delivered-To: cvs-all@freebsd.org
Received: from grimreaper.grondar.za (adsl-63-206-96-212.dsl.snfc21.pacbell.net [63.206.96.212])
	by hub.freebsd.org (Postfix) with ESMTP
	id E574F37B479; Tue, 24 Oct 2000 09:06:32 -0700 (PDT)
Received: from grondar.za (mark@localhost [127.0.0.1])
	by grimreaper.grondar.za (8.11.1/8.11.1) with ESMTP id e9OG5sR04483;
	Tue, 24 Oct 2000 09:05:57 -0700 (PDT)
	(envelope-from mark@grondar.za)
Message-Id: <200010241605.e9OG5sR04483@grimreaper.grondar.za>
To: Warner Losh <imp@village.org>
Cc: Jesper Skriver <jesper@skriver.dk>, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/etc rc 
References: <200010241256.GAA15067@harmony.village.org> 
In-Reply-To: <200010241256.GAA15067@harmony.village.org> ; from Warner Losh <imp@village.org>  "Tue, 24 Oct 2000 06:56:25 MDT."
Date: Tue, 24 Oct 2000 09:05:54 -0700
From: Mark Murray <mark@grondar.za>
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> In message <20001024124057.A4309@skriver.dk> Jesper Skriver writes:
> : On Mon, Oct 23, 2000 at 05:21:49PM -0600, Warner Losh wrote:
> : I have a idea, what about updating /entropy from cron every hour or so,
> : then if the box goes down hard for some reason, we'll have a entropy
> : file anyway ...
> 
> This is bad because it exposes the state, the current state, of the
> yarrow random engine to the world.  It is too insecure, imho, to do on
> a regular basis.  I had this same idea at bsdcon and this was pointed
> out.

Warner - you are mixing issues :-).

Yarrow suggests doing exactly what jesper suggests.

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message