svn commit: r239569 - head/etc/rc.d
Arthur Mesh
arthurmesh at gmail.com
Fri Sep 14 23:15:10 UTC 2012
On Fri, Sep 14, 2012 at 10:49:14PM +0100, Mark Murray wrote:
> I can certainly trigger a reseed at will, but allowing external writes
> to overwhelm the system by doing a
>
> $ cat /dev/zero > /dev/random
>
> ... just ain't gonna happen. No, sir.
Has it been considered that /dev/random being "rw-rw-rw-" may be a bad
idea? What's the benefit of allowing unprivileged users reseeding
yarrow? Perhaps restricting it to "rw-r--r--" is a part of the solution
that may address potential system overwhelm by unprivileged users?
More information about the freebsd-security
mailing list