Re: svn commit: r239598 - head/etc/rc.d
On Thu, Sep 06, 2012 at 01:03:25PM -0700, David O'Brien (@FreeBSD) wrote:
> I already said an attacker could have a local login on the system.
> That would give them full knowledge of the kenv output.
> Same attacker can figure out the 'date' output from uptime, etc...
Note that this flies somewhat in the face of my argument for 'postrandom'
based on Schneier's writings on deleting the seed file after it used.
Please remember this is for better_than_nothing().
I like Arthur's patch that avoids calling better_than_nothing() if we
feed_dev_random() with ${entropy_file}.
--
-- David (obrien@FreeBSD.org)
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 27 之 29 篇):