Subject: Re: kernel ip_randomid() and libc randomid(3) still "broken"
To: Simon Burge <firstname.lastname@example.org>
From: Thor Lancelot Simon <email@example.com>
Date: 11/14/2003 18:14:44
On Sat, Nov 15, 2003 at 10:11:55AM +1100, Simon Burge wrote:
> A couple of months ago there was a discussion about ip_randomid() and
> the related randomid(3) libc function being able to return consecutive
> IDs every now and then. Should we disable these functions until they
> are fixed to not show this behaviour? I've added a regression test
> for this too.
Yes. Didn't we also pretty much reach consensus that most of the uses
of these functions that Itojun added to our tree should be disabled by
default? I must admit that I am mystified as to why they are still
there. The code is broken; its security benefit is questionable; in
at least one case, a far better -- because it doesn't repeat -- and
cheaper -- because it avoids the math -- approach is well-known and in
use in Solaris. Why are we stuck with the status quo as of months ago?
Thor Lancelot Simon firstname.lastname@example.org
But as he knew no bad language, he had called him all the names of common
objects that he could think of, and had screamed: "You lamp! You towel! You
plate!" and so on. --Sigmund Freud