Board: FB_security
Title: Re: Collecting entropy from device_attach() times.
Origin: NCTU CS FreeBSD Server (Fri Sep 21 00:29:47 2012)
Relay path: ptt!csnews.cs.nctu!news.cs.nctu!FreeBSD.cs.nctu!freebsd.org!owner-free
On Thu, Sep 20, 2012 at 11:32:53AM +0100, Jonathan Anderson wrote:
> As I believe theraven@ pointed out a couple of days ago: it is very
> silly indeed that we are taking data generated by the kernel (process
....
I thought I had mentioned something like this in the rc.d thread,
but it seems it was to an internal $WORK thread.
It would seem to me that adding an 'initialize_devrandom_seeding' sysctl
for use in 'initrandom' or the single-user user could be better than
running userland commands (sysctl, dmesg, kenv) or being restricted to
commands in /[s]bin where there are some interesting ones in /usr/bin
that aren't available to 'initrandom'.
This would allow us to specify >0 bits of entropy from this data.
--
-- David ([email protected])
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"