In message: <20050723064449.GZ842_at_wantadilla.lemis.com> "Greg 'groggy' Lehey" <grog_at_freebsd.org> writes: : You should take a look at what I committed. It simply uses the : microsecond value returned by getlocaltime() for the automatic seeding : by srandomdev(). It fixes the problem. I can see only two : explanations: : : 1. srandomdev(), random(4) or friends are broken. : 2. random(4) has been initialized incorrectly. : : Currently I'm guessing (2), but I don't care much either way. When sradnomdev() is broken, *DO*NOT* kludge around them by committing half-baked "fixes" like you did. It is broken. We need to find out the *REAL* cause of the problem. If Rush gets more quotes than normal, and that annoys people to find the real problem, we shouldn't mask it. It is a really bad choice from a security point of view. WarnerReceived on Sat Jul 23 2005 - 17:09:38 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:39 UTC