From owner-freebsd-current Sun Jun 18 19:46:18 2000
Delivered-To: freebsd-current@freebsd.org
Received: from alcanet.com.au (mail.alcanet.com.au [203.62.196.10]) by hub.freebsd.org (Postfix) with ESMTP id 0585C37BB33 for ; Sun, 18 Jun 2000 19:46:14 -0700 (PDT) (envelope-from jeremyp@gsmx07.alcatel.com.au)
Received: by border.alcanet.com.au id <115250>; Mon, 19 Jun 2000 12:46:10 +1000
Content-return: prohibited
From: Peter Jeremy
Subject: Re: mktemp() patch
In-reply-to: <200006190201.UAA52489@harmony.village.org>; from imp@village.org on Mon, Jun 19, 2000 at 12:03:40PM +1000
To: Warner Losh
Cc: current@FreeBSD.ORG
Message-Id: <00Jun19.124610est.115250@border.alcanet.com.au>
MIME-version: 1.0
X-Mailer: Mutt 1.0i
Content-type: text/plain; charset=us-ascii
References: <394124C3.221E61BC@vangelderen.org> <200006081724.TAA00705@grimreaper.grondar.za> <394124C3.221E61BC@vangelderen.org> <200006190201.UAA52489@harmony.village.org>
Date: Mon, 19 Jun 2000 12:46:09 +1000
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On 2000-Jun-19 12:03:40 +1000, Warner Losh wrote:
>In message <394124C3.221E61BC@vangelderen.org> "Jeroen C. van Gelderen" writes:
>: Pseudo random numbers are so cheap (or they should be) that you
>: just don't want to try and 'optimize' here. It is much better to
>: be conservative and use a good PRNG until it *proves* to be very
>: problematic.
>
>I disagree with this strongly. PRNG have proven time and time again
>to weaken security due to their less than random nature. It is my
>judgement that going down this path would be very bad, especially when
>cryptographically strong random number generators exist and are part
>of the base FreeBSD system. We should just use those...

The PRNG in question is arc4random() - which AFAIK rates as
"cryptographically strong". I don't believe that mktemp(3) warrants
the use of /dev/random (or even /dev/urandom).

Peter