Date: Thu, 26 Oct 2000 15:56:41 -0700
From: Mark Murray <mark@grondar.za>
To: Matt Dillon <dillon@earth.backplane.com>
Cc: current@FreeBSD.ORG
Subject: Re: entropy reseeding is totally broken
Message-ID: <200010262256.e9QMugM01449@grimreaper.grondar.za>
In-Reply-To: <200010262125.e9QLPwL53609@earth.backplane.com>; from Matt Dillon <dillon@earth.backplane.com> "Thu, 26 Oct 2000 14:25:58 PDT."
References: <200010262125.e9QLPwL53609@earth.backplane.com>

Hi

Very wonderful ideas!

It will take me a bit of time to implement this cleanly as I am not
close enough to my Prime Development Platform, but I will do something
as soon as possible. Consider it to be not less than two weeks, unless
someone submits patches first. :-)

M

> :There is the problem that for each setup, there are many admins who
> :will have a non-writable filespace for at least one of (/ /var /boot /etc).
> :
> :Sure, there may not be a $PRIMARYSWAP, but if there is, it is IMO the best
> :place to put stashed entropy.
>
> /etc/rc already assumes that /var is writable. I recommend that you make
> that assumption by default... have the default entropy file be something
> like "/var/db/entropy_seed" and allow the administrator to override it
> with an RC variable. You could allow the administrator to select a
> different entropy file and you could have another RC variable which allows
> the administrator to set a command which, when executed, returns an
> arbitrary sequence of bytes on its stdout to initialize entropy with.
>
> defaults (in /etc/defaults/rc.conf) (this is an example)
>
>     entropy_file="/var/db/entropy_seed"
>     entropy_program="/sbin/gather_entropy -time -hostname -rootstatfs"
>     entropy_file_mode="RW"
>
> Example override:
>
>     entropy_file="NO"
>     entropy_program="/usr/local/bin/my_special_entropy_program"
>
> Another example override:
>
>     # seed with read-only entropy file and then gather additional
>     # entropy from other sources, like the time.
>     #
>     entropy_file_mode="RO"
>     entropy_program="/sbin/gather_entropy -network -time -keyboard_if_insufficient"
>
> etc...
>
> This would give us maximum flexibility, yet provide suitable defaults
> for most sysinstall-based configurations. For example, this gives you
> the ability to write an /sbin utility to do the more complex (or more
> secure) entropy gathering as part of the boot process and then allow
> the administrator to specify it with appropriate options to suit his
> tastes, rather than having to build it into the kernel.
>
> Your /sbin program could deal with things like using swap instead of
> an entropy file and so forth. I think if you did things this way it
> would remove virtually all the pain developers are feeling from the
> current state of affairs.
>
> :> lot happier.
> :
> ::-) I'd like your suggestion a lot more if you supplied some more concrete
> :hints. I like KISS, and current evolution is looking a little weird. I'd
> :enjoy seeing a true/beautiful/simple solution - patches welcome. :-)
> :
> :M
>
> See above.
>
> -Matt
>
> :--
> :Mark Murray
> :Join the anti-SPAM movement: http://www.cauce.org
>

--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
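
The boot-time seeding flow proposed in the quoted reply, sketched as an added example; it is not code from either poster or from FreeBSD's rc scripts. It assumes that writing bytes to the random device stirs them into the pool and that "RW" means the seed file is replaced after it has been read, so a stale seed is never fed on two consecutive boots. `seed_entropy`, `ENTROPY_SINK`, `ENTROPY_SOURCE` and `ENTROPY_SEED_BYTES` are hypothetical names.

```shell
#!/bin/sh
# Added illustration of the rc.conf knobs proposed in the quoted reply.
# ENTROPY_SINK, ENTROPY_SOURCE and ENTROPY_SEED_BYTES are hypothetical,
# present so the logic can be exercised against ordinary files.
: "${ENTROPY_SINK:=/dev/random}"
: "${ENTROPY_SOURCE:=/dev/urandom}"
: "${ENTROPY_SEED_BYTES:=4096}"

# seed_entropy <entropy_file> <entropy_file_mode> <entropy_program>
# Returns non-zero when no source produced any bytes, so the caller can warn.
seed_entropy() {
    _file=$1 _mode=$2 _prog=$3 _fed=0

    # 1. Stir in the stashed seed if one is configured and readable.
    if [ -n "$_file" ] && [ "$_file" != "NO" ] && [ -r "$_file" ]; then
        cat "$_file" >> "$ENTROPY_SINK" && _fed=$((_fed + 1))
    fi

    # 2. Stir in whatever the administrator's command writes to stdout.
    #    The command string comes from root-owned rc.conf, like other rc knobs.
    if [ -n "$_prog" ] && [ "$_prog" != "NO" ]; then
        if sh -c "$_prog" >> "$ENTROPY_SINK" 2>/dev/null; then
            _fed=$((_fed + 1))
        fi
    fi

    # 3. RW mode (assumed meaning): replace the seed atomically with fresh
    #    bytes, created owner-only, so the old contents are not reused.
    if [ -n "$_file" ] && [ "$_file" != "NO" ] && [ "$_mode" = "RW" ]; then
        _tmp="$_file.new.$$"
        ( umask 077
          dd if="$ENTROPY_SOURCE" of="$_tmp" bs="$ENTROPY_SEED_BYTES" count=1 2>/dev/null
        ) && mv -f "$_tmp" "$_file" || rm -f "$_tmp"
    fi

    [ "$_fed" -gt 0 ]
}
```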