From owner-freebsd-current Fri Jul 21 18:57:22 2000 Delivered-To: freebsd-current@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 9F5F737B6CB; Fri, 21 Jul 2000 18:57:19 -0700 (PDT) (envelope-from kris@FreeBSD.org) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id SAA78986; Fri, 21 Jul 2000 18:57:19 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Fri, 21 Jul 2000 18:57:19 -0700 (PDT) From: Kris Kennaway To: Mark Murray Cc: David Scheidt , current@FreeBSD.ORG Subject: Re: randomdev entropy gathering is really weak In-Reply-To: <200007212002.WAA01222@grimreaper.grondar.za> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, 21 Jul 2000, Mark Murray wrote: > If you are worried about someone reading the disk of a rebooting box, > then you need to be worried about console access; if your attacker has > console, you are screwed anyway. For most people, yes. But it's like all of the buffer overflows in non-setuid utilities: they're not security risks for the vast majority of users, but who's to say there won't be a situation somewhere when it is one. Better not to take the risk, since it's not necessary here. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message