>>>>> "tytso" == "Theodore Y Ts'o" <tytso@MIT.EDU> writes:
tytso> From: lilo <TaRDiS@Mail.UTexas.EDU>
tytso> As long as these devices don't have the same minor numbers.
This will require a modified MAKEDEV script that knows how you compiled
your current kernel ...
tytso> If you're going to be using a pseudo-random number generator, then it
tytso> doesn't belong in the kernel at all.
Yes. (It would be too much overhead for a user-level program anyway).
tytso> The whole reason for putting a /dev/random driver into the kernel was
tytso> because it had access to low-level timing information which you couldn't
tytso> efficiently obtain from a user-mode program.
Now that is an important point.
Theodore: Let me ask you a question regarding real security.
If somebody (else) runs a process constantly sucking numbers from
/dev/random on an (maybe your) essentially "idle" machine, i.e. with
little activity on keyboard, disk, network, etc., can you still
guarantee that _you_ still get sufficiently good random numbers from
/dev/random, to prevent any attacks, even if this "somebody else"
communicates these numbers to an assumed attacker? (Do not assume that
you can use e.g. the Pentium time stamp register).
Cheers,
-Harald