svn commit: r239569 - head/etc/rc.d
Samuel Ports
emu at emu.so
Sat Sep 15 03:43:17 UTC 2012
Its useless chink.
Sent from my iPhone
On Sep 14, 2012, at 11:39 PM, Xin Li <delphij at delphij.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 9/14/12 7:18 PM, Samuel Ports wrote:
>> Omg cant an freebsd-entropy be created as mailing list already
>
> Nothing prevents you from unsubscribing this mailing list.
>
>> Sent from my iPhone
>>
>> On Sep 14, 2012, at 8:09 PM, RW <rwmaillists at googlemail.com>
>> wrote:
>>
>>> On Fri, 14 Sep 2012 17:25:59 +0100 Ben Laurie wrote:
>>>
>>>> On Fri, Sep 14, 2012 at 3:46 PM, RW
>>>> <rwmaillists at googlemail.com> wrote:
>>>>> On Fri, 14 Sep 2012 14:43:53 +0100 Ben Laurie wrote:
>>>>>
>>>>>> On Fri, Sep 14, 2012 at 2:38 PM, Bjoern A. Zeeb
>>>>>> <bz at freebsd.org> wrote:
>>>>>>> 7) send all data to the kernel and hash (arch dependent?)
>>>>>>> it + counter value into the buffer on overflow, as in
>>>>>>> b[n] = H(b[n] + c + i[n]) in the kernel (can control when
>>>>>>> buffer full and only then take action when needed,
>>>>>>> indepedent on how seed data is chosen, uses standard
>>>>>>> technology)
>>>>>>
>>>>>> IMO, this is the only good option.
>>>>>
>>>>> No it isn't. I means that the hashing is unconditional, so
>>>>> anyone that needs a faster boot needs to patch the kernel.
>>>>
>>>> Has anyone measured the cost of doing this? Also, if you really
>>>> want to turn it off, we could provide a flag.
>>>
>>> Yes, read the thread.
>>>
>>>>> It has no advantage whatsoever over a minor change to
>>>>> initrandom.
>>>>
>>>> It absolutely has. It applies to all inputs to /dev/random, not
>>>> just those that come from initrandom.
>>>
>>> If the rc script are written correctly it shouldn't matter, there
>>> no need to write to /dev/random after the boot - it wont do
>>> anything useful.
>>>
>>> It has no advantage over hashing the low-grade entropy in
>>> userland which is is just couple of lines difference in a shell
>>> script.
>>>
>>>> Also, should something get to write to it before initrandom,
>>>> initrandom's input would still be used.
>>>
>>> There's no reason to do that, so why do you think it matter?
>>> _______________________________________________
>>> freebsd-security at freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-security To
>>> unsubscribe, send any mail to
>>> "freebsd-security-unsubscribe at freebsd.org"
>> _______________________________________________
>> freebsd-security at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-security To
>> unsubscribe, send any mail to
>> "freebsd-security-unsubscribe at freebsd.org"
>>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
>
> iQEcBAEBCAAGBQJQU/hvAAoJEG80Jeu8UPuzW0sIAIzWmkzVABPNjBEJB5LCKUF2
> bhBC2Aapmr5mbxJOqON9j/XCccfcp97iZaQrdOwa7wTOe/7NNZgqDOr6Go2mcQNv
> SBkhPdi9CoQaAYUoZ65kn9L3UHODbZzDke7jC7LaDxK0tBUl2r+rnaNuwswSxlCU
> ZsyklowaaHvV9QOVzi1Th/4CrpBocjLjFheziI7reMpQA09+3aMZgVX2hJyU/pY7
> l1dB8ymMha4mJ5hYx+j3ZZw40biS9mtHtT+TC4GogQycupkKwxH5jnZGW27/PkY/
> ei54JvXCFzHtsyqh61M41Eo1YYo4zMpGphStOFZUYkdaYYz9Js1Qo/5b70/KRYQ=
> =KuMx
> -----END PGP SIGNATURE-----
More information about the freebsd-security
mailing list