On Wed, 25 Dec 2013 22:24:27 +0100 Pawel Jakub Dawidek wrote: > We could do the same for save-entropy. It would be even nicer to have > some flag so that even sysctl(8) is not executed. The only security consideration here is that a bug in that conditional test might prevent entropy being saved. The benefit is saving a few KBs of disk space and a few cpu cycles a few times an hour. Tiny risk, even tinier benefit IMO. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"