
Re: a small C program to test xdm's /dev/mem reading on your architecture



matthew green <mrg@eterna.com.au> writes:

> my point is that on modern systems we simply should not read
> from /dev/mem for these purposes _ever_.

It would make some sense to read all the physical memory in the
machine. Unfortunately, I'm not aware of any reasonable way to do
that. Reading /dev/mem does something quite different.

I was about to put /dev/mem reading into my own seed-generation
program a while back, but then art@openbsd explained to me that it was
a really bad idea. A safer thing to do is to read the raw partitions
on which /var, /tmp and perhaps also swap live, but I gave up that
plan after I read the GNU df source code looking for a way to get to a
device, given a directory (such as /var) in the filesystem.

But programs such as xdm should not do things like that; regular
generation of cookies etc. should use some decent randomness generator
provided with the operating system, be that /dev/urandom or prngd or
whatever.

/Niels


