Date: Fri, 12 Jan 2001 17:02:41 -0700 (MST) From: Nate Williams <nate@yogotech.com> To: Mark Murray <mark@grondar.za> Cc: Doug Barton <DougB@gorean.org>, Warner Losh <imp@harmony.village.org>, Sheldon Hearn <sheldonh@uunet.co.za>, markm@FreeBSD.ORG, freebsd-current@FreeBSD.ORG Subject: Re: entropy bikesheds Message-ID: <14943.39713.160666.695146@nomad.yogotech.com> In-Reply-To: <200101120619.f0C6JQI12558@gratis.grondar.za> References: <Pine.BSF.4.31.0101111441370.11112-100000@dt051n37.san.rr.com> <200101120619.f0C6JQI12558@gratis.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
> Can we decide this, please - do we want secure startup (which will > take some effort to achieve), or can we say "screw it" and start > insecure like the old system? Can we have both? Ie; by default we are insecure until some point we call an ioctl() that says 'no more, you must get real randomness now'. So, that way we can do the stuff that doesn't require real randomness (like mounting disks and such), and then once that's over with, the system forces it into 'secure' mode, at which time it's up to the user to supply some randomness for it. If that happens, a user could decide comment out the 'real secure' thing, and /dev/random would never block. You can all laugh at me now. :) Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14943.39713.160666.695146>