On Tue, Mar 27, 2018 at 04:51:08PM +0300, Ilya Smith wrote:
> > /dev/[u]random is not sufficient?
>
> Using /dev/[u]random makes 3 syscalls - open, read, close. This is a
> performance
> issue.
You may want to take a look at the getrandom(2) system call, which is
the recommended way getting secure random numbers from the kernel.
> > Well, I am pretty sure userspace can implement proper free ranges
> > tracking…
>
> I think we need to know what libc developers will say on implementing ASLR in
> user-mode. I am pretty sure they will say ‘nether’ or ‘some-day’. And problem
> of ASLR will stay forever.
Why can't you send patches to the libc developers?
Regards,
- Ted
