ProPolice: best way to fill canary
Jeremie Le Hen
jeremie at le-hen.org
Sat Jul 9 08:15:52 GMT 2005
Hi Mike,
On Fri, Jul 08, 2005 at 07:22:13PM -0500, Mike Silbersack wrote:
> On Fri, 8 Jul 2005, Jeremie Le Hen wrote:
> >The second method requires to introduce the kern.arnd sysctl
> >(KERN_ARND). FYI, note that NetBSD has kern.urandom (KERN_URND) and
> >they define KERN_ARND to be an alias to this.
>
> I don't see any problem with introducing such a sysctl, if it would make
> the propolice patch simpler.
Thanks for you answer. In that case, which sysctl should we use ?
* OpenBSD's kern.arnd (KERN_ARND) which is a front-end to
the arc4random() function ?
* NetBSD's kern.urandom (KERN_URND) which is using the rnd(4)
pseudo-device. They also have KERN_ARND in sysctl.h, which
is no more than a #define of KERN_URND, for compatibility
with OpenBSD.
Usually, I noticed that FreeBSD used to be as close as possible with
NetBSD. But I would like to hear the voice of a more experienced
hacker about this.
Thanks.
Best regards,
--
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
More information about the freebsd-hackers
mailing list