Subject: Re: CVS commit: src/sbin/newfs
To: None <david@l8s.co.uk>
From: Jun-ichiro itojun Hagino <itojun@itojun.org>
List: source-changes
Date: 09/05/2003 11:21:00
> On Thu, Sep 04, 2003 at 03:30:38PM +0000, Jun-ichiro itojun Hagino wrote:
> >
> > Module Name: src
> > Committed By: itojun
> > Date: Thu Sep 4 15:30:38 UTC 2003
> >
> > Modified Files:
> > src/sbin/newfs: mkfs.c
> >
> > Log Message:
> > use arc4random(3). it is at least better than random(3)
> > XXX masked topmost bit so that values don't go negative, is it the right thing
> > to do?
>
> It would be better to suggest these changes to someone who has been
> looking at the sources recently, and knows what the numbers are for!
>
> Did you consider, for instance, what happens when sysinst runs newfs?
> - is /dev/urandom in the install kernels?
> - is KERN_URND defined (and implemented?)

then garbage on the stack can probably stir arc4random(), and the end result
will be no worse than random().

seriously, we should consider adding the rnd(4) device to the installation
kernel -
(1) every password generator uses a random number as seed, so passwd(1)
called from sysinst (for root password!) needs rnd(4).
(2) we may want to generate ssh host keys on the boot floppy.

itojun