Subject: Re: CVS commit: src/sbin/newfs
To: David Laight <firstname.lastname@example.org>
From: Perry E. Metzger <email@example.com>
Date: 09/04/2003 11:46:04
David Laight <firstname.lastname@example.org> writes:
> > > Log Message:
> > > Randomise di_igen for the first 2 blocks of inodes for non-UFS2 filesystems.
> > > Randomise di_igen for "/" (and lost+found) for UFS2 filesystems.
> > Am I correct in stating you are using random() for this!? random() is
> > not even remotely secure enough for a security critical purpose. Its a
> > linear congruential generator, and not even a good one.
> I'm just a bug-fixing monkey here...
> However fsirand only uses random() anyway, but does remember to do srandom()
> for what actual good it does!
> Maybe arc4random() could be used instead?
I'm not a huge believer in arc4random(), but it would be a strict (and
indeed substantial) improvement over a linear congruential generator,
yes. I would suggest making the alteration, and in the longer run we
should discuss improved algorithms.
Perry E. Metzger email@example.com