| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 7 Sep 2011 17:43:16 -0400 From: Steve Grubb <sgrubb@...hat.com> To: Jarod Wilson <jarod@...hat.com> Cc: Sasha Levin <levinsasha928@...il.com>, "Ted Ts'o" <tytso@....edu>, linux-crypto@...r.kernel.org, Matt Mackall <mpm@...enic.com>, Neil Horman <nhorman@...hat.com>, Herbert Xu <herbert.xu@...hat.com>, Stephan Mueller <stephan.mueller@...ec.com>, lkml <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] random: add blocking facility to urandom On Wednesday, September 07, 2011 05:35:18 PM Jarod Wilson wrote: > Another proposal that has been kicked around: a 3rd random chardev, > which implements this functionality, leaving urandom unscathed. Some > udev magic or a driver param could move/disable/whatever urandom and put > this alternate device in its place. Ultimately, identical behavior, but > the true urandom doesn't get altered at all. Right, and that's what I was trying to say is that if we do all that and switch out urandom with something new that does what we need, what's the difference in just patching the behavior into urandom and calling it a day? Its simpler, less fragile, admins won't make mistakes setting up the wrong one in a chroot, already has the FIPS-140 dressing, and is auditable. -Steve -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists