Re: CVS commit: src/sbin/newfs

To: David Laight <david%l8s.co.uk@localhost>
Subject: Re: CVS commit: src/sbin/newfs
From: "Perry E. Metzger" <perry%piermont.com@localhost>
Date: 04 Sep 2003 11:46:04 -0400

David Laight <david%l8s.co.uk@localhost> writes:
> > > Log Message:
> > > Randomise di_igen for the first 2 blocks of inodes for non-UFS2 
> > > filesystems.
> > > Randomise di_igen for "/" (and lost+found) for UFS2 filesystems.
> > 
> > Am I correct in stating you are using random() for this!? random() is
> > not even remotely secure enough for a security critical purpose. Its a
> > linear congruential generator, and not even a good one.
> 
> I'm just a bug-fixing monkey here...
> However fsirand only uses random() anyway, but does remember to do srandom()
> for what actual good it does!
> 
> Maybe arc4random() could be used instead?

I'm not a huge believer in arc4random(), but it would be a strict (and
indeed substantial) improvement over a linear congruential generator,
yes. I would suggest making the alteration, and in the longer run we
should discuss improved algorithms.

Perry
-- 
Perry E. Metzger                perry%piermont.com@localhost

Follow-Ups:
- Re: CVS commit: src/sbin/newfs
  - From: David Laight

References:
- CVS commit: src/sbin/newfs
  - From: David Laight
- Re: CVS commit: src/sbin/newfs
  - From: Perry E. Metzger
- Re: CVS commit: src/sbin/newfs
  - From: David Laight

Prev by Date: Re: CVS commit: src/sbin/newfs
Next by Date: CVS commit: src/sys
Previous by Thread: Re: CVS commit: src/sbin/newfs
Next by Thread: Re: CVS commit: src/sbin/newfs
Indexes:

Home | Main Index | Thread Index | Old Index