Dmitrij D. Czarkoff wrote:
> Stuart Henderson said:
> > glib2 is a pretty clean port patch-wise. This sort of thing would be
> > better done with proper autoconf etc so it can go upstream.
>
> Totally agree. It would be best if upstream would maintain the code.
> They could benefit from arc4random on other BSDs and libbsd-enabled
> platforms as well.

Makes sense - I'm working on this now. Anecdotally, libbsd's arc4random is not necessarily secure. IIUC the code isn't as glaringly dangerous as g_rand*, but it will seed with only the time and PID if other sources fail. I think we should avoid conflating BSDs' arc4randoms with libbsd's.