Re: CONFIG_RANDOM option for 1.99.2

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Pedro Roque Marques: "Tcp problems (with solaris)"
• Previous message: Daniel Kroening: "kernel: kill_fasync: bad magic number in fasync_struct!"
• In reply to: Paul Gortmaker: "CONFIG_RANDOM option for 1.99.2"
• Next in thread: Martin.Dalecki: "Re: CONFIG_RANDOM option for 1.99.2"
• Reply: Martin.Dalecki: "Re: CONFIG_RANDOM option for 1.99.2"
• Reply: Paul Gortmaker: "Re: CONFIG_RANDOM option for 1.99.2"

The random device is a fairly useful thing to have (I use it for
input values to "crashme" ;-) but there lots of people who don't
use it for anything. For those people, it would be useful to have a
CONFIG_RANDOM option, so that they can save a bit of space, and avoid
the small overhead associated with all the add_XXX_randomness() calls.

The original reason I didn't provide a CONFIG_RANDOM was because I
wanted security-oriented applications (i.e., Netscape, PGP, Kerberos,
etc.) to be able to assume that if they were on Linux, /dev/linux would
always be present. Good, secure numbers are absolutely vital for
programs that rely on cryptography. The most secure encryption system
in the world is useless if the attacker can guess the random numbers you
used to generate your crypto keys....

Note that if you just need input values to "crashme", a
non-cryptographically secure random number generator would be all that
you need.

The random driver also isn't all that big, and the overhead of the
add_XXX_randomness() calls were designed to be as small as possible.

- Ted

• Next message: Pedro Roque Marques: "Tcp problems (with solaris)"
• Previous message: Daniel Kroening: "kernel: kill_fasync: bad magic number in fasync_struct!"
• In reply to: Paul Gortmaker: "CONFIG_RANDOM option for 1.99.2"
• Next in thread: Martin.Dalecki: "Re: CONFIG_RANDOM option for 1.99.2"
• Reply: Martin.Dalecki: "Re: CONFIG_RANDOM option for 1.99.2"
• Reply: Paul Gortmaker: "Re: CONFIG_RANDOM option for 1.99.2"