ProPolice: best way to fill canary
Sam Leffler
sam at errno.com
Sat Jul 9 17:15:01 GMT 2005
Jeremie Le Hen wrote:
> Hi Mike,
>
> On Fri, Jul 08, 2005 at 07:22:13PM -0500, Mike Silbersack wrote:
>
>>On Fri, 8 Jul 2005, Jeremie Le Hen wrote:
>>
>>>The second method requires to introduce the kern.arnd sysctl
>>>(KERN_ARND). FYI, note that NetBSD has kern.urandom (KERN_URND) and
>>>they define KERN_ARND to be an alias to this.
>>
>>I don't see any problem with introducing such a sysctl, if it would make
>>the propolice patch simpler.
>
>
> Thanks for you answer. In that case, which sysctl should we use ?
>
> * OpenBSD's kern.arnd (KERN_ARND) which is a front-end to
> the arc4random() function ?
>
> * NetBSD's kern.urandom (KERN_URND) which is using the rnd(4)
> pseudo-device. They also have KERN_ARND in sysctl.h, which
> is no more than a #define of KERN_URND, for compatibility
> with OpenBSD.
>
> Usually, I noticed that FreeBSD used to be as close as possible with
> NetBSD. But I would like to hear the voice of a more experienced
> hacker about this.
>
I asked a certain person to add the obsd sysctl long ago but it never
happened.
Sam
More information about the freebsd-hackers
mailing list