From owner-svn-src-all@FreeBSD.ORG Tue Jul 24 12:37:23 2012 Return-Path: Delivered-To: svn-src-all@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E6EBD106564A; Tue, 24 Jul 2012 12:37:23 +0000 (UTC) (envelope-from das@FreeBSD.ORG) Received: from zim.MIT.EDU (ZIM.MIT.EDU [18.95.3.101]) by mx1.freebsd.org (Postfix) with ESMTP id 7C7778FC14; Tue, 24 Jul 2012 12:37:23 +0000 (UTC) Received: from zim.MIT.EDU (localhost [127.0.0.1]) by zim.MIT.EDU (8.14.5/8.14.2) with ESMTP id q6OCbLCP065583; Tue, 24 Jul 2012 08:37:21 -0400 (EDT) (envelope-from das@FreeBSD.ORG) Received: (from das@localhost) by zim.MIT.EDU (8.14.5/8.14.2/Submit) id q6OCbLvF065582; Tue, 24 Jul 2012 08:37:21 -0400 (EDT) (envelope-from das@FreeBSD.ORG) Date: Tue, 24 Jul 2012 08:37:21 -0400 From: David Schultz To: Doug Barton Message-ID: <20120724123721.GA65519@zim.MIT.EDU> Mail-Followup-To: Doug Barton , Andrey Chernov , Konstantin Belousov , Pawel Jakub Dawidek , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org, markm@freebsd.org References: <201207041951.q64JpPXu029310@svn.freebsd.org> <20120704200220.GM2337@deviant.kiev.zoral.com.ua> <20120704203239.GA42326@vniz.net> <4FF4AC3D.9070109@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4FF4AC3D.9070109@FreeBSD.org> Cc: src-committers@FreeBSD.ORG, Pawel Jakub Dawidek , svn-src-all@FreeBSD.ORG, svn-src-head@FreeBSD.ORG, Konstantin Belousov , Andrey Chernov , markm@FreeBSD.ORG Subject: Re: svn commit: r238118 - head/lib/libc/gen X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jul 2012 12:37:24 -0000 On Wed, Jul 04, 2012, Doug Barton wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 07/04/2012 13:32, Andrey Chernov wrote: > > 1) /dev/urandom may not exist in jails/sandboxes > > That would be a pretty serious configuration error. Yes -- but the scary part is that arc4random() is not fail-safe at all. If /dev/random isn't there, you just silently get predictable "randomness". If you needed that randomness for cryptographic purposes you're out of luck; you might as well have used rot13. Using the sysctl doesn't fix the failure mode (in fact, as I recall the sysctl dubiously never reports failure even if there is no entropy), but there's a narrower set of circumstances under which the sysctl can fail.