From owner-freebsd-audit Fri Nov 26 20: 7:19 1999 Delivered-To: freebsd-audit@freebsd.org Received: from november.jaded.net (november.jaded.net [216.94.113.4]) by hub.freebsd.org (Postfix) with ESMTP id ECB9D14D49; Fri, 26 Nov 1999 20:07:17 -0800 (PST) (envelope-from dan@november.jaded.net) Received: (from dan@localhost) by november.jaded.net (8.9.3/8.9.3+trinsec_nospam) id XAA18577; Fri, 26 Nov 1999 23:07:13 -0500 (EST) Date: Fri, 26 Nov 1999 23:07:13 -0500 From: Dan Moschuk To: Warner Losh Cc: Dan Moschuk , freebsd-audit@FreeBSD.ORG Subject: Re: The ball starts rolling Message-ID: <19991126230713.C18496@november.jaded.net> References: <19991126224819.A18496@november.jaded.net> <199911270349.UAA47680@harmony.village.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: <199911270349.UAA47680@harmony.village.org>; from Warner Losh on Fri, Nov 26, 1999 at 08:49:44PM -0700 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG | : To get the ball rolling, I've put online my patch to randomize the order which | : PIDs follow. If all goes well, I expect to commit this sometime over the | : weekend, followed by another commit the following week to replace the PRNG | : with something a little better than random(). | | What's wrong with the original cryptographically strong randomizer in | OpenSBD? Absolutely nothing. Last I checked, they used RC4, which is fairly fast and efficient for the kernel. However, I'm still debating whether or not it's actually _needed_. IMHO, OpenBSD takes somethings beyond the point of paranoid overkill, but in this secnario I don't think it would hurt either way. *shrug* -- Dan Moschuk (TFreak!dan@freebsd.org) "Try not. Do, or do not. There is no try." -- Yoda To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message