On 2000-Jun-19 12:03:40 +1000, Warner Losh <[EMAIL PROTECTED]> wrote:
>In message <[EMAIL PROTECTED]> "Jeroen C. van Gelderen" writes:
>: Pseudo random numbers are so cheap (or they should be) that you
>: just don't want to try and 'optimize' here. It is much better to
>: be conservative and use a good PRNG until it *proves* to be very
>: problematic.
>
>I disagree with this strongly. PRNG have proven time and time again
>to weaken security due to their less than random nature. It is my
>judgement that going down this path would be very bad, especially when
>cryptographically strong random number generators exist and are part
>of the base FreeBSD system. We should just use those...
The PRNG in question is arc4random() - which AFAIK rates as
"cryptographically strong". I don't believe that mktemp(3) warrants
the use of /dev/random (or even /dev/urandom).
Peter
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
