svn commit: r238118 - head/lib/libc/gen

David Schultz das at FreeBSD.ORG
Tue Jul 24 12:37:24 UTC 2012


On Wed, Jul 04, 2012, Doug Barton wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> On 07/04/2012 13:32, Andrey Chernov wrote:
> > 1) /dev/urandom may not exist in jails/sandboxes
> 
> That would be a pretty serious configuration error.

Yes -- but the scary part is that arc4random() is not fail-safe at
all.  If /dev/random isn't there, you just silently get
predictable "randomness".  If you needed that randomness for
cryptographic purposes you're out of luck; you might as well have
used rot13.  Using the sysctl doesn't fix the failure mode (in
fact, as I recall the sysctl dubiously never reports failure even
if there is no entropy), but there's a narrower set of
circumstances under which the sysctl can fail.


More information about the svn-src-head mailing list