> what is the problem with having /dev/random an option?
>
> Installing a secure-my-network-package.tar.gz - and it tells you:
> "I really need /dev/random. Plese build a new kernel as follows
> (1) cd /usr/src/linux
> (2) configchange RANDOM_OPTION=y /* just as an example */
> (3) make zImage
> ... "
> If these instructions are correct, anybody who can install a package can
> make a correct kernel. There is nothing about building a new kernel.
Sorry, but there is. We can't expect Joe Average User to compile his own
kernel. Not if we want Linux to be anything else but a hacker's kernel.
Even if J. A. User was capable of compiling his own kernel, he why should
he have to? Would you expect Joe Average User to recompile DOS or Windows
(if the sources were available), just to add support for Netscape?
Especially after explaining to him that the original OS didn't have the
security feature built in because it was considered too big to include in
a standard OS kernel (16 kbytes)?
Secondly, I fear that if application software vendors know /dev/random
might be missing in some Linux distributions, the just ignore it. They
don't want to answer support calls in which they have to explain how to
recompile the kernel.
Johan Myreen
jem@iki.fi