From: Russ Cox <russcox@gmail.com>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] x10
Date: Thu, 8 Apr 2004 13:29:26 -0700 [thread overview]
Message-ID: <2551C921.76D09E44@mail.gmail.com> (raw)
In-Reply-To: <20040408201926.GA1514@ratsnest.hole>
> What's wrong with enforcing upon a process truerand() returning
> random numbers and not zero every time ?
If you start the process yourself, then you'll know that /dev/random
is okay, assuming you're not shooting yourself in the foot on purpose.
If you start an untrusted program and then have it start the process,
all bets are off, as you have observed. But if you're letting an untrusted
program start some other program, you have other things to worry
about -- like the untrusted program might edit the binary to remove
all the calls to truerand() before executing it. Or might just not run
the binary and run its own entirely different version. There's no
sense in trying to lock down this one thing. The solution is not to
rely on untrusted programs to do your work for you.
Russ
next prev parent reply other threads:[~2004-04-08 20:29 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <81132473206F3A46A72BD6116E1A06AE05617C@black.aprote.com>
2004-04-06 18:03 ` ron minnich
2004-04-06 18:17 ` Derek Fawcus
2004-04-06 18:20 ` ron minnich
2004-04-07 0:30 ` matt
2004-04-06 18:18 ` boyd, rounin
2004-04-06 18:48 ` rog
2004-04-06 18:47 ` boyd, rounin
2004-04-06 20:46 ` Enache Adrian
2004-04-06 23:56 ` Russ Cox
2004-04-07 20:46 ` Enache Adrian
2004-04-07 21:11 ` Geoff Collyer
2004-04-08 20:19 ` Enache Adrian
2004-04-08 20:27 ` Geoff Collyer
2004-04-08 20:29 ` Russ Cox [this message]
2004-04-08 20:42 ` rog
2004-04-08 22:09 ` Charles Forsyth
2004-04-08 23:52 ` Bruce Ellis
2004-04-08 8:54 ` lucio
2004-04-07 13:20 ` Dave Lukes
2004-04-07 13:41 ` matt
[not found] <d9edb6c9f24b0e7f0d49a11389dcf4e4@granite.cias.osakafu-u.ac.jp>
[not found] ` <9d7ff25cc1cb8a187ec626f4ccfe804d@collyer.net>
2004-04-07 4:58 ` Kenji Okamoto
2004-04-07 7:11 ` Martin C.Atkins
2004-04-07 7:30 ` Geoff Collyer
2004-04-07 8:13 ` Martin C.Atkins
2004-04-07 13:28 ` boyd, rounin
2004-04-07 15:29 ` a
2004-04-08 2:13 ` Joel Salomon
[not found] <dd6cffdbd632256d61274934f107e4be@9srv.net>
[not found] ` <7ff77f951d0798f7e9b3695ccbb25275@9netics.com>
2004-04-07 8:07 ` Martin C.Atkins
2004-04-07 8:19 ` Geoff Collyer
2004-04-07 10:16 ` 9nut
2004-04-07 13:39 ` boyd, rounin
2004-04-07 13:36 ` boyd, rounin
2004-04-08 4:38 ` Martin C.Atkins
2004-04-08 4:45 ` Geoff Collyer
2004-04-08 7:04 ` Martin C.Atkins
2004-04-08 7:17 ` Geoff Collyer
[not found] ` <f4203830f3fae14acea75d36b5f357ee@9srv.net>
2004-04-08 2:20 ` Joel Salomon
2004-04-08 12:26 ` Brantley Coile
2004-04-08 13:06 ` matt
2004-04-08 13:27 ` Brantley Coile
2004-04-08 13:28 ` Brantley Coile
2004-04-08 21:24 ` boyd, rounin
2004-04-08 13:31 ` Brantley Coile
2004-04-08 21:22 ` boyd, rounin
[not found] <79b487c902aaae69762c013d51fe580c@juice.thebigchoice.com>
2004-04-06 12:53 ` a
2004-04-01 8:45 Fco.J.Ballesteros
2004-04-01 13:50 ` Dave Lukes
2004-04-01 14:32 ` boyd, rounin
2004-04-05 5:32 ` Kenji Okamoto
2004-04-05 9:46 ` boyd, rounin
2004-04-05 15:32 ` a
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2551C921.76D09E44@mail.gmail.com \
--to=russcox@gmail.com \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).