Date: Thu, 11 Jan 2001 17:31:20 -0800 (PST) From: Matt Dillon <dillon@earth.backplane.com> To: Warner Losh <imp@harmony.village.org> Cc: Jordan Hubbard <jkh@winston.osd.bsdi.com>, Sheldon Hearn <sheldonh@uunet.co.za>, obrien@FreeBSD.ORG, Doug Barton <dougb@FreeBSD.ORG>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/etc crontab rc src/etc/defaults rc.conf src/etc/mtree BSD.root.dist src/libexec Makefile src/libexec/save-entropy Makefile save-entropy.sh Message-ID: <200101120131.f0C1VK980630@earth.backplane.com> References: <19283.979245383@winston.osd.bsdi.com> <200101112222.f0BMMNs75120@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
:I'm still not sure why we can't do something like: : : date > /dev/random : cat /bin/ls > /dev/random : fsck : mount the file systems : read in the entropy file : :Eg, toss some bone to the random pool. Sure, it will be highly :preditable, but for the mount commands it doesn't matter. We fix :before anything interesting happens. : :Warner I like this idea better then 'fixing' mount_mfs. There is nothing preventing one from including a number of sources... still predictable, but not really by an outside attacker and quite reasonable for filesystem mounting. date dmesg ls -lua / df -i / Stick with 'safe' programs that reside in /bin and /sbin... those not dependant on kvm or system structure sizes. Then we don't have to worry about special casing any codebases in the tree. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101120131.f0C1VK980630>