El vie, 28-01-2005 a las 19:07 +0100, Arjan van de Ven escribió: > On Fri, 2005-01-28 at 18:17 +0100, Lorenzo Hernández García-Hierro > wrote: > > Hi, > > > > Attached you can find a split up patch ported from grSecurity [1], as > > Linus commented that he wouldn't get a whole-sale patch, I was working > > on it and also studying what features of grSecurity can be implemented > > without a development or maintenance overhead, aka less-invasive > > implementations. > > > why did you make it a config option? This is the kind of thing that is > either good or isn't... at which point you can get rid of a lot of, if > not all the ugly ifdefs the patch adds.
I will remove the ifdef's, I've made it just from the usability POV, users may want the standard "randomization" schema, dunno. Anyway, I will remove those ifdef's and make it enabled-by-default. > Also, why does it need to enhance the random driver this much, the > random driver already has a facility to provide pseudorandom numbers > good enough for networking use (eg the PRNG rekeys often enough with > real entropy that brute forcing it shouldn't be possible). I will also remove the pool sizes increasing diffs from the patch. > If you can fix those 2 things the patch will look a lot cleaner and has > a lot higher chance to be merged. Sure, many thanks for pointing out that clearly. It will take a few minutes and then re-send the patch. Cheers, -- Lorenzo Hernández García-Hierro <[EMAIL PROTECTED]> [1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada digitalmente