>Number:         18346
>Category:       xsrc
>Synopsis:       xdm does not use /dev/urandom
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    xsrc-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Sep 20 05:31:01 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     matthew green
>Release:        NetBSD 1.6H
>Organization:
people's front against (bozotic) www (softwar foundation)
>Environment:
	
	
System: NetBSD fish-dances.eterna.com.au 1.6H NetBSD 1.6H (_fish_) #114: Fri Sep 13 14:37:50 EST 2002 mrg@fish-dances.eterna.com.au:/var/_fish_ i386
Architecture: i386
Machine: i386
>Description:

	xdm has the ability to use a /dev/urandom type device rather than
	reading megabytes from /dev/mem potentially causing system instability.
	we should use this other ability...

>How-To-Repeat:

	notice that xdm is really really broken.

>Fix:

	probably add a #ifdef NetBSDblahblah > 1.whatever/dev/urandom appeared
	in in NetBSD.cf, `#define HasDevUrandom', and in xdm/Imakefile, add a
	new bit of code like:

		#if HasDevUrandom
		DEVURANDOM_DEFINES = -DDEF_RANDOM_FILE=\"/dev/urandom\"
		#endif

	and then add $(DEVURANDOM_DEFINES) to LOCAL_LIBRARIES.


	or something.  i have half tested this but i won't have time for several
	weeks to finish it and it needs to be fixed soon.  the change to
	xdm/Imakefile could also be shared with other OS's that have /dev/urandom,
	so should probably be applicable to the upstream X sources. 


	this affects both xf3 and xf4 i guess... i was looking in xf4.
>Release-Note:
>Audit-Trail:
>Unformatted: