From mboxrd@z Thu Jan 1 00:00:00 1970
Message-ID: <2551C921.76D09E44@mail.gmail.com>
From: Russ Cox
To: 9fans@cse.psu.edu
Subject: Re: [9fans] x10
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
References: <20040407204607.GA2551@ratsnest.hole> <20040408201926.GA1514@ratsnest.hole>
Date: Thu, 8 Apr 2004 13:29:26 -0700
Topicbox-Message-UUID: 56e513bc-eacd-11e9-9e20-41e7f4b1d025

> What's wrong with enforcing upon a process truerand() returning
> random numbers and not zero every time ?

If you start the process yourself, then you'll know that /dev/random
is okay, assuming you're not shooting yourself in the foot on purpose.

If you start an untrusted program and then have it start the process,
all bets are off, as you have observed. But if you're letting an
untrusted program start some other program, you have other things to
worry about -- like the untrusted program might edit the binary to
remove all the calls to truerand() before executing it. Or might just
not run the binary and run its own entirely different version.

There's no sense in trying to lock down this one thing. The solution
is not to rely on untrusted programs to do your work for you.

Russ