On Mon, Nov 14, 2011 at 06:08:55PM -0500, David Schultz wrote: > Not quite. OpenBSD's implementation is more careful. I just > noticed a funny thing about FreeBSD's KERN_ARND sysctl: If the > random device isn't (or can't be) loaded, KERN_ARND silently > decides to initialize itself with the output of random(). This > means that whatever minuscule amount of entropy it might have > picked up from the clock is reduced to a maximum of 31 bits. > That's a fantastic way to provide a false sense of security... I agree. Lets separate two things: "no /dev/random for jails" and "no random kernel module is loaded". IMHO kernel module should _not_ be optional anymore, it solves problem you describe and all similar problems at once. Adding KERN_ARND to arc4random() at this moment solves "no /dev/random for jails" problem alone and _not_ pretends to solve "no random kernel module is loaded" problem. When random kernel module will become non-optional, KERN_ARND automagically makes good security in that place too. P.S. Do I answer your doubts about &rdat key initialization in my prev. posting? -- http://ache.vniz.net/Received on Mon Nov 14 2011 - 23:44:46 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:20 UTC