On Mon, Aug 26, 2002 at 04:28:38PM +1000, matthew green wrote:
> wow, this is such a bad idea.
It originated upstream.
mmm, xdm.
In fact, judging by CVS logs it has been in xdm's source for many, many
years.
bad ideas often hang around for a long time. the only surprising
thing to me is how long this one has taken to surface...
> why don't you use /dev/urandom if it exists, as it does on pretty
> much all modern UNIX platforms?
>
> *shudder*
I see you haven't read the thread.
actually, i hadn't, but there wasn't very much there besides the
fact that people found it was xdm reading /dev/mem and a small
patch for debian to enable /dev/random (i'd suggest /dev/urandom).
my point is that on modern systems we simply should not read
from /dev/mem for these purposes _ever_. so far it has shown to
be unsafe on at least:
- ia64
- arm
- mips
- ultrasparc
i'm sure there are more...
i don't see the purpose in running the program you posted - we
shouldn't care whether it works, just don't do it. i'm going to
patch NetBSD xsrc shortly to fix this if it isn't already...
.mrg.
