> > For joe-user imho it's better to do a check from a cronjob once a day. But > > for > > high demand security, maybe make it pluggable? Like that a user can plug-in > > some > > module which does the testing? Then you can have several kinds of tests > > depending on your needs. > In my old 2.4 patch there was a sysctl to turn off the kernel reseeding. > If you turn it off you can do it in user space. That might be > an option for the clinical paranoid. > BTW what do you do when the FIPS test fails? I dont see a good fallback > path for this case.
Send a message to klogd and let read() block untill the test no longer fails. Folkert van Heusden Auto te koop! Zie: http://www.vanheusden.com/daihatsu.php Op zoek naar een IT of Finance baan? Mail me voor de mogelijkheden! +------------------------------------------------------------------+ |UNIX admin? Then give MultiTail (http://vanheusden.com/multitail/)| |a try, it brings monitoring logfiles to a different level! See | |http://vanheusden.com/multitail/features.html for a feature list. | +------------------------------------------= www.unixsoftware.nl =-+ Phone: +31-6-41278122, PGP-key: 1F28D8AE Get your PGP/GPG key signed at www.biglumber.com! - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/