Re: CONFIG_RANDOM option for 1.99.2

Robert L Krawitz (rlk@tiac.net)
Wed, 15 May 1996 17:16:55 -0400


Date: Wed, 15 May 1996 14:22:28 -0400
From: "Theodore Y. Ts'o" <tytso@mit.edu>
Cc: linux-kernel@vger.rutgers.edu

From: Martin Mares <mj@k332.feld.cvut.cz>
Date: Wed, 15 May 1996 19:40:38 +0200 (MET DST)

No, I didn't say /dev/random should be repaced by LCG, I said if
someone decides to disable /dev/random, there should be a
_kernel_ function purely for inside-kernel random number
generation (for such cases as the BOOP code).

Yes, but what if the kernel needs high-quality random numbers? Some of
the schemes which prevent the sequence-numbering attacks that allow
crackers to hijack TCP connections require good random numbers.

What if someone's running in very tight memory (2-4 MB) and for one
reason or another doesn't care about crackers (isn't on the net, or
just doesn't care about security)? The only feasible thing that the
kernel needs good random numbers for is security, and people should
have the option to turn that off if the memory and CPU cycles are too
critical.

-- 
Robert Krawitz <rlk@tiac.net>           http://www.tiac.net/users/rlk/

Member of the League for Programming Freedom -- mail lpf@uunet.uu.net Tall Clubs International -- tci-request@aptinc.com or 1-800-521-2512