Re: CONFIG_RANDOM option for 1.99.2

Raul Miller (rdm@tad.micro.umn.edu)
23 May 1996 18:52:17 -0000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Paul H. Hargrove: "Re: Linux Logo prototype. (fwd)"
Previous message: Daniel A. Taylor: "Re: tcp/ip filtering"
In reply to: Kevin M Bealer: "Re: Linux logo"
Next in thread: Liam Hudson: "Re: Linux logo"

Martin Dalecki:
> 1. Grab the kernel sources.
> 2. Fake random.c, so that it is using an deterministic algorithm for
..
> And now You are thinking about the possibility of the scenario
> described just above... You spend a night at thinking about
> it. Finally the decision will surely be:
>
> DO ANYTHING TO GET GOOD RANDOM NUMBERS, BUT DON'T USE /dev/random.

You could also hack the kernel to give you some kind of secret shell
using some kind of secret protocol under some kind of secret
conditions.

The real solution, if you're really concerned about security, is to
get someone you trust to check out the integrity of the kernel. This
implies there's some kind of non-trivial market waiting for the right
kind of certification outfit.

I'm afraid I agree with Ted on this one -- a lot of the configuration
options on the current kernel are only useful for kernel hackers.

-- 
Raul

Next message: Paul H. Hargrove: "Re: Linux Logo prototype. (fwd)"
Previous message: Daniel A. Taylor: "Re: tcp/ip filtering"
In reply to: Kevin M Bealer: "Re: Linux logo"
Next in thread: Liam Hudson: "Re: Linux logo"