In message <[EMAIL PROTECTED]> Peter Jeremy writes:
: On 2000-Jun-19 12:03:40 +1000, Warner Losh <[EMAIL PROTECTED]> wrote:
: >In message <[EMAIL PROTECTED]> "Jeroen C. van Gelderen" writes:
: >: Pseudo random numbers are so cheap (or they should be) that you 
: >: just don't want to try and 'optimize' here. It is much better to 
: >: be conservative and use a good PRNG until it *proves* to be very
: >: problematic.
: >
: >I disagree with this strongly.  PRNG have proven time and time again
: >to weaken security due to their less than random nature.  It is my
: >judgement that going down this path would be very bad, especially when 
: >cryptographically strong random number generators exist and are part
: >of the base FreeBSD system.  We should just use those...
: The PRNG in question is arc4random() - which AFAIK rates as
: "cryptographically strong".  I don't believe that mktemp(3) warrants
: the use of /dev/random (or even /dev/urandom).

I think we're in agreement.  I had thought I read it as "use
random(3)" for some reason....


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to