Re: Collecting entropy from device_attach() times.

Board: FB_security, posted 2012/09/21 17:32
On Thu, Sep 20, 2012 at 11:32:53AM +0100, Jonathan Anderson wrote:
> As I believe theraven@ pointed out a couple of days ago: it is very
> silly indeed that we are taking data generated by the kernel (process ....

I thought I had mentioned something like this in the rc.d thread, but it seems it was to an internal $WORK thread.

It would seem to me that adding an 'initialize_devrandom_seeding' sysctl for use in 'initrandom' or the single-user user could be better than running userland commands (sysctl, dmesg, kenv) or being restricted to commands in /[s]bin where there are some interesting ones in /usr/bin that aren't available to 'initrandom'.

This would allow us to specify >0 bits entropy from this data.

--
-- David (obrien@FreeBSD.org)
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"