matthew green <[EMAIL PROTECTED]> writes:

> my point is that on modern systems we simply should not read
> from /dev/mem for these purposes _ever_.

It would make some sense to read all the physical memory in the machine. Unfortunately, I'm not aware of any reasonable way to do that. Reading /dev/mem does something quite different.

I was about to put /dev/mem reading into my own seed-generation program a while back, but then [EMAIL PROTECTED] explained to me that it was a really bad idea. A safer thing to do is to read the raw partitions on which /var, /tmp and perhaps also swap live, but I gave up that plan after I read the GNU df source code looking for a way to get to a device, given a directory (such as /var) in the filesystem.

But programs such as xdm should not do things like that; regular generation of cookies etc. should use some decent randomness generator provided with the operating system, be that /dev/urandom or prngd or whatever.

/Niels