From owner-freebsd-audit Mon Nov 29 20: 3:19 1999 Delivered-To: freebsd-audit@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 21BF715759; Mon, 29 Nov 1999 20:03:00 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 0ED5E1CD41E; Mon, 29 Nov 1999 20:02:59 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Mon, 29 Nov 1999 20:02:59 -0800 (PST) From: Kris Kennaway To: Matthew Dillon Cc: Doug Barton , Dan Moschuk , arch@FreeBSD.ORG, audit@FreeBSD.ORG Subject: Re: cvs commit: src/sys/i386/conf files.i386 src/sys/kern kern_fork.c src/sys/libkern arc4random.c src/sys/sys libkern.h In-Reply-To: <199911300205.SAA13833@apollo.backplane.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 29 Nov 1999, Matthew Dillon wrote: > :There will probably end up being 20 or so randomized features in the > :kernel, most of them trivial (~1 line) patches. As long as they're > :sysctl'able, is it really necessary to have each of them optionable? > > What if we just has a general security randomization option that > applied to all of them, and then a sysctl to cover each of them? > That would cover my concerns. Hmm. I think this would be an acceptable compromise provided it's in GENERIC. Boot floppies and the anti-bloat brigade can leave it out if they want to save that extra 1k :-) The only thing is that in many cases we'd end up doing the equivalent of: #ifdef RANDOM_SECURITY i = arc4random(); #else i = random(); #endif Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message