cvs commit: src/games/fortune/fortune fortune.c
M. Warner Losh
imp at bsdimp.com
Sat Jul 23 19:09:38 GMT 2005
In message: <20050723064449.GZ842 at wantadilla.lemis.com>
"Greg 'groggy' Lehey" <grog at freebsd.org> writes:
: You should take a look at what I committed. It simply uses the
: microsecond value returned by getlocaltime() for the automatic seeding
: by srandomdev(). It fixes the problem. I can see only two
: explanations:
:
: 1. srandomdev(), random(4) or friends are broken.
: 2. random(4) has been initialized incorrectly.
:
: Currently I'm guessing (2), but I don't care much either way.
When sradnomdev() is broken, *DO*NOT* kludge around them by committing
half-baked "fixes" like you did. It is broken. We need to find out
the *REAL* cause of the problem. If Rush gets more quotes than
normal, and that annoys people to find the real problem, we shouldn't
mask it. It is a really bad choice from a security point of view.
Warner
More information about the freebsd-current
mailing list