arc4random weakness

Steven Chamberlain steven at pyro.eu.org
Wed Mar 15 13:06:30 UTC 2017


Steven Chamberlain wrote:
> Please consider switching to ChaCha20 in the long term (kern/182610),
> but right now, at least increase the amount of early keystream that is
> discarded.

Many, many thanks delphij+so for applying the latter change so quickly!

Also it is great to see INHERIT_ZERO was added to mmap(2)!

(It will avoid the overhead of a getpid(2) syscall on every call to
arc4random_buf(3) to determine if reseeding is needed.  That wasn't
guaranteed reliable anyway;  if you have forked twice, then by
chance/manipulation the new pid *could* be the same as the ancestor's).

Thanks!
Regards,
-- 
Steven Chamberlain
steven at pyro.eu.org
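Added example, not part of the original message and not FreeBSD's arc4random code: a minimal sketch of the zero-on-fork approach to reseed detection mentioned above, in which the child finds the generator state wiped instead of comparing pids. The names `rng_state`, `zero_on_fork` and `child_state_wiped` are hypothetical. The flag is applied with minherit(2) on the BSDs, and the Linux `MADV_WIPEONFORK` branch is included only so the sketch also builds there.

```c
#define _DEFAULT_SOURCE            /* exposes MAP_ANON / MADV_WIPEONFORK on glibc */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/mman.h>
#include <sys/wait.h>

/* Hypothetical stand-in for a userland CSPRNG's private state. */
struct rng_state { int seeded; unsigned char key[32]; };

/* Ask the kernel to give any forked child a zero-filled copy of this region. */
static int zero_on_fork(void *p, size_t len)
{
#if defined(INHERIT_ZERO)          /* FreeBSD minherit(2) */
    return minherit(p, len, INHERIT_ZERO);
#elif defined(MAP_INHERIT_ZERO)    /* OpenBSD minherit(2) */
    return minherit(p, len, MAP_INHERIT_ZERO);
#elif defined(MADV_WIPEONFORK)     /* Linux 4.14+ equivalent */
    return madvise(p, len, MADV_WIPEONFORK);
#else
    (void)p; (void)len;
    return -1;
#endif
}

/* 1: child saw wiped state (it must reseed); 0: child inherited the parent's
 * key; -1: zero-on-fork is not available on this system. */
int child_state_wiped(void)
{
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    struct rng_state *st = mmap(NULL, len, PROT_READ | PROT_WRITE,
                                MAP_PRIVATE | MAP_ANON, -1, 0);
    if (st == MAP_FAILED) return -1;
    if (zero_on_fork(st, len) != 0) { munmap(st, len); return -1; }
    st->seeded = 1;
    memset(st->key, 0xA5, sizeof st->key);   /* constructed key material */

    int status = 0;
    pid_t pid = fork();
    /* Child: one memory read decides "reseed?"; no getpid(), no pid compare. */
    if (pid == 0) _exit(st->seeded == 0 ? 0 : 1);
    if (pid > 0) waitpid(pid, &status, 0);
    munmap(st, len);
    if (pid < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status) == 0 ? 1 : 0;
}

int main(void) { printf("child_state_wiped = %d\n", child_state_wiped()); return 0; }
```

Because the wipe happens in the kernel at fork time, the check holds for any depth of forking, including the case where a descendant's pid happens to equal an ancestor's.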