David Laight <david@l8s.co.uk> writes:
> > > Log Message:
> > > Randomise di_igen for the first 2 blocks of inodes for non-UFS2 filesystems.
> > > Randomise di_igen for "/" (and lost+found) for UFS2 filesystems.
> > 
> > Am I correct in stating you are using random() for this!? random() is
> > not even remotely secure enough for a security critical purpose. Its a
> > linear congruential generator, and not even a good one.
> 
> I'm just a bug-fixing monkey here...
> However fsirand only uses random() anyway, but does remember to do srandom()
> for what actual good it does!
> 
> Maybe arc4random() could be used instead?

I'm not a huge believer in arc4random(), but it would be a strict (and
indeed substantial) improvement over a linear congruential generator,
yes. I would suggest making the alteration, and in the longer run we
should discuss improved algorithms.

Perry
-- 
Perry E. Metzger		perry@piermont.com