svn commit: r239598 - head/etc/rc.d
David O'Brien
obrien at FreeBSD.org
Thu Sep 6 21:36:43 UTC 2012
On Thu, Sep 06, 2012 at 01:03:25PM -0700, David O'Brien (@FreeBSD) wrote:
> I already said an attacker could have a local login on the system.
> That would give them full knowledge of the kenv output.
> Same attacker can figure out the 'date' output from uptime, etc...
Note that this flies somewhat in the face of my argument for 'postrandom'
based on Schneier's writings on deleting the seed file after it used.
Please remember this is for better_than_nothing().
I like Arthur's patch that avoids calling better_than_nothing() if we
feed_dev_random() with ${entropy_file}.
--
-- David (obrien at FreeBSD.org)
More information about the freebsd-rc
mailing list