Date: Sat, 21 Oct 2000 00:14:09 +0400 From: =?koi8-r?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.pp.ru> To: Mark Murray <mark@grondar.za> Cc: current@FreeBSD.ORG Subject: Re: entropy reseeding is totally broken Message-ID: <20001021001408.A26496@nagual.pp.ru> In-Reply-To: <200010201706.e9KH6bn02155@grimreaper.grondar.za>; from mark@grondar.za on Fri, Oct 20, 2000 at 10:06:37AM -0700 References: <20001020202753.A24895@nagual.pp.ru> <200010201706.e9KH6bn02155@grimreaper.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Oct 20, 2000 at 10:06:37AM -0700, Mark Murray wrote: > > It seems I find the problem area. 4096 bytes written in rc.shutdown are > > not enough for reseeding. When I change them to 16384 bytes, it works! > > I'll commit working rc.shutdown variant. > > This is bogus. > > _Any_ randomness written to /dev/random is good enough to perturb the > sequence. > > Please do _not_ make that commit. Oops, sorry, already commited (I was not thinking it is principal, but it really fix potential security hole). I can back it out if you wish. But anything less then 16384 not reseed it. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001021001408.A26496>