-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Alan" == Alan DeKok <[EMAIL PROTECTED]> writes:
>> Short of opening /dev/random and seeding it myself, is there something
>> that is more strongly seeded already present in the tree?
Alan> No. I would suggest opening /dev/random, but that blocks, which is
Alan> bad.
My notion is to fork a process that does:
socketpair(), set write buffer to small if possible.
while(!noerrors)
{
char buf[4096];
read(devrandomfd, buf, 16);
write(pipetoparent, buf, 4096-ish);
}
Such that the write essentially always blocks.
The parent can then read from the pipe, knowing it will likely always be
full, while not screwing all of the entropy from the system. However, this
depends upon making the write() block quickly, which might not be easy in
all systems.
] Out and about in Ottawa. hmmm... beer. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] [EMAIL PROTECTED] http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian/notebook using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys - custom hacks make this fully PGP2 compat
iQCVAwUBP2MrbYqHRg3pndX9AQHckQP/dfKPo0ejzSPA10Ow32bx0JxO5eSfbbDd
Um/HpoB1nr1Jkv9R7THQg5LKO1ChuQcw8+jcl6t4uXrPzgZBxxqwMmvJ0iTz6nGg
WMLcKL9LizDPXlsY9DIXwsmzQSdqW18mHJ66ctVZua2KAKhzPloJ3mtQddcOvtK4
7OwLwtood9w=
=LnqX
-----END PGP SIGNATURE-----
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
