On Mon, Aug 26, 2002 at 09:10:54PM +0200, Marcus Brinkmann wrote:
> On Mon, Aug 26, 2002 at 12:50:22PM -0500, Branden Robinson wrote:
> > > I can't believe he actually intends to keep it like this..
> >
> > I'm going to #define DEV_RANDOM /dev/random for Linux systems.
>
> That's bad, because tha
OK folks, the banter is getting excessive. I'll have to bail if the dialog
can't be kept more point to point instead of broadcast.
[EMAIL PROTECTED]
-Original Message-
From: Marcus Brinkmann
To: [EMAIL PROTECTED]; debian-x@lists.debian.org
Sent: 8/26/02 3:59 PM
Subject: Re: a small C pr
On Mon, Aug 26, 2002 at 02:44:26PM -0500, Branden Robinson wrote:
> On Mon, Aug 26, 2002 at 03:28:18PM -0400, Jeff Sheinberg wrote:
> > Why does anyone need to read megabytes of urandom?
>
> Nobody does. Or, at least, xdm doesn't. Markus is opining without the
> benefit of having checked the fac
On Mon, Aug 26, 2002 at 02:43:09PM -0500, Branden Robinson wrote:
> xdm doesn't read the same amount of data when it's reading from a
> (presumably) entropic device node.
I didn't assume that.
> It reads eight size_t's. Surely that is not excessive.
It's eight size_t's good entropy wasted for n
On Mon, Aug 26, 2002 at 03:28:18PM -0400, Jeff Sheinberg wrote:
> Why does anyone need to read megabytes of urandom?
Nobody does. Or, at least, xdm doesn't. Markus is opining without the
benefit of having checked the facts.
--
G. Branden Robinson| What influenced me to athe
On Mon, Aug 26, 2002 at 09:10:54PM +0200, Marcus Brinkmann wrote:
> On Mon, Aug 26, 2002 at 12:50:22PM -0500, Branden Robinson wrote:
> > > I can't believe he actually intends to keep it like this..
> >
> > I'm going to #define DEV_RANDOM /dev/random for Linux systems.
>
> That's bad, because tha
Marcus Brinkmann writes:
> On Mon, Aug 26, 2002 at 12:50:22PM -0500, Branden Robinson wrote:
> > > I can't believe he actually intends to keep it like this..
> >
> > I'm going to #define DEV_RANDOM /dev/random for Linux systems.
>
> That's bad, because that will drain the entropy a lot, and
On Mon, Aug 26, 2002 at 08:16:06PM +0100, Matthew Wilcox wrote:
> On Mon, Aug 26, 2002 at 09:10:54PM +0200, Marcus Brinkmann wrote:
> > Also, reading /dev/mem doesn't sound very secure at all (even if it works)
> > because the patterns in the memory of a computer are probably predictable
> > and a
On Mon, Aug 26, 2002 at 09:10:54PM +0200, Marcus Brinkmann wrote:
> Also, reading /dev/mem doesn't sound very secure at all (even if it works)
> because the patterns in the memory of a computer are probably predictable
> and a lot of information can be observed from the outside (which processes
> a
On Mon, Aug 26, 2002 at 12:50:22PM -0500, Branden Robinson wrote:
> > I can't believe he actually intends to keep it like this..
>
> I'm going to #define DEV_RANDOM /dev/random for Linux systems.
That's bad, because that will drain the entropy a lot, and it might
block for a long time, and that f
On Mon, Aug 26, 2002 at 10:23:06AM -0400, Joey Hess wrote:
> matthew green wrote:
> > bad ideas often hang around for a long time. the only surprising
> > thing to me is how long this one has taken to surface...
>
> Perhaps Branden is gathering information about what a bad idea this
> really is,
On Mon, Aug 26, 2002 at 09:06:00AM -0400, Carlos O'Donell wrote:
> Done. I've submitted the output for HPPA boxes running 32 and 64-bit
> kernels. Looks like they pass without any problem. I'll pass on the
yes, but it may well crash them. some parts of /dev/mem map random IO
addresses which may
matthew green wrote:
> bad ideas often hang around for a long time. the only surprising
> thing to me is how long this one has taken to surface...
Perhaps Branden is gathering information about what a bad idea this
really is, to show upstream the error of their ways. I can't believe he
actually i
Branden,
> The long story, for those interested:
> http://lists.debian.org/debian-x/2002/debian-x-200208/msg00091.html
> (and read the whole thread)
> The short story:
> I need people with root on machines of your given architecture to
> compile and run the attached C program. It consists of cod
matthew green <[EMAIL PROTECTED]> writes:
> my point is that on modern systems we simply should not read
> from /dev/mem for these purposes _ever_.
It would make some sense to read all the physical memory in the
machine. Unfortunately, I'm not aware of any reasonably way to do
that. Reading /dev/
Previously Kimmo K. I. Surakka wrote:
> I think the "safe" way of getting random data without a decent random
> source would be to write one. This, however, would be more that just
> a small patch.
There is existing code to generate randomness from userland, look at
what current OpenSSH does for e
According to http://mail-index.netbsd.org/current-users/2002/08/26/.html,
NetBSD is moving to a dynamically linked /bin and /sbin, with /rescue being
the statically linked rescue binaries. Or probably is, anyway. It looks
like the decision to move ld_elf.so into /lib rather than /libexec was
mi
> On Mon, Aug 26, 2002 at 05:04:26PM +1000, matthew green wrote:
> > actually, i hadn't, but there wasn't very much there besides the
> > fact that people found it was xdm reading /dev/mem and a small
> > patch for debian to enable /dev/random (i'd suggest /dev/urandom).
>
> If any of these it shou
Filip Van Raemdonck <[EMAIL PROTECTED]> wrote:
> On Mon, Aug 26, 2002 at 05:04:26PM +1000, matthew green wrote:
> > actually, i hadn't, but there wasn't very much there besides the
> > fact that people found it was xdm reading /dev/mem and a small
> > patch for debian to enable /dev/random (i'd sug
On Mon, 26 Aug 2002 17:04:26 +1000
"matthew green" <[EMAIL PROTECTED]> wrote:
> actually, i hadn't, but there wasn't very much there besides the
> fact that people found it was xdm reading /dev/mem and a small
> patch for debian to enable /dev/random (i'd suggest /dev/urandom).
>
> my point is th
Hi,
On Mon, Aug 26, 2002 at 05:04:26PM +1000, matthew green wrote:
>
> > > why don't you use /dev/urandom if it exists, as it does on pretty
> > > much all modern UNIX platforms?
> >
> > I see you haven't read the thread.
>
>
> actually, i hadn't, but there wasn't very much there besides the
Hello !
I'll run it later on different alphas, but I checked it on a
ppc-machine running AIX if this is of any interest to you:
[EMAIL PROTECTED]: /root # ./readmem.aix.x
Reading data from /dev/mem...
read #2 of 8192 bytes
...
read #1024 of 8192 bytes
done with read of /dev/mem (returned 1).
su
On Mon, Aug 26, 2002 at 04:28:38PM +1000, matthew green wrote:
> wow, this is such a bad idea.
It originated upstream.
mmm, xdm.
In fact, judging by CVS logs it has been in xdm's source for many, many
years.
bad ideas often hang around for a long time. the only surpris
On Mon, Aug 26, 2002 at 04:28:38PM +1000, matthew green wrote:
> wow, this is such a bad idea.
It originated upstream.
In fact, judging by CVS logs it has been in xdm's source for many, many
years.
> why don't you use /dev/urandom if it exists, as it does on pretty
> much all modern UNIX platfor
Be warned: on at least some architectures (notably IA-64), this sort of
read has been known to cause untrapped machine checks (a.k.a., lockups
or spontaneous reboots). Arguably the kernel should trap this sort of
nonsense, so you may be in the mood to file a bug against "kernel" af
The long story, for those interested:
http://lists.debian.org/debian-x/2002/debian-x-200208/msg00091.html
(and read the whole thread)
The short story:
I need people with root on machines of your given architecture to
compile and run the attached C program. It consists of code borrowed
from xdm
26 matches
Mail list logo
