From: Robert Love <rml@tech9.net>
To: Ken Brownfield <brownfld@irridia.com>, marcelo@conectiva.com.br
Cc: lkml <linux-kernel@vger.kernel.org>
Subject: Re: Linux 2.4.17-pre1
Date: 28 Nov 2001 22:30:46 -0500
Message-ID: <1007004647.813.15.camel@phantasy>
In-Reply-To: <20011128211327.A27177@asooo.flowerfire.com>
In-Reply-To: <Pine.LNX.4.21.0111281340210.15491-100000@freak.distro.conectiva> <20011128185601.A784@mikef-linux.matchmail.com> <20011128211327.A27177@asooo.flowerfire.com>

On Wed, 2001-11-28 at 22:13, Ken Brownfield wrote:
>
> Seconded. Off by default and with appropriate security caveats in the
> Configure.help section, which Robert has already mentioned.
>
> It's pretty critical given the burgeoning amount of cryptography in
> production environments where entropy from disk I/O is essentially
> non-existent. The security concerns are very valid, but many trade-offs
> are worth it, IMHO. I will most likely be dead in the water soon unless
> I start using this patch in certain places.

For those interested, the patch is at
ftp://ftp.kernel.org/pub/linux/kernel/people/rml/netdev-random

I want to point out that _without_ this patch, there are network devices
that feed the entropy pool. In other words, this patch standardizes the
situation.

If you don't want net devices contributing, accept the default.

If you do, enable the configure setting and they all will contribute to
/dev/random. This has uses in diskless/headless configurations, etc.

> On Wed, Nov 28, 2001 at 06:56:01PM -0800, Mike Fedyk wrote:
> | Any chance you'll merge Robert's netdev-random uniformity cleanup
> | patch with the default to "no"?

Robert Love