Bugtraq mailing list archives
Re: OS snobbery... (was Re: Bad PRNGs revisted in FreSSH)
From: Thor Lancelot Simon <tls () rek tjls com>
Date: Wed, 14 Feb 2001 15:33:01 -0500
On Wed, Feb 14, 2001 at 03:01:16PM -0500, Valdis.Kletnieks () vt edu wrote:
(Another fine example of OS snobbery on Bugtraq)... On Wed, 14 Feb 2001 05:02:08 GMT, tls () REK TJLS COM said:FreSSH distribution -- thankfully, since just about everyone in the world *does* have a /dev/random (whatever name it's called by; this code is in an OS-dependent source file that has the appropriate name for the OS in question in it) just about nobody does get stuck with this.Unless you're AIX, Irix, Solaris....
I'd consider that a fair and reasonable comment if you hadn't snipped the part of my text where I explicitly pointed out that, at the moment, FreSSH *does not run on those operating systems* and that for it to do so, the module containing the function in question would have to be rewritten. Someone else stated elsewhere in this thread that NetBSD (one of the platforms used for FreSSH development, coincidentally) is an example of a current operating system without a /dev/random. That's actually false, and in point of fact, with the quick application of a Sun-provided patch you can even have a /dev/random on Solaris. Not that that will make FreSSH *build* on Solaris, at least not the version you'll find in that 0.8 tar file, but we're going to get that fixed ASAP, too, just like this bug.
In fact, unless you're anything but BSD44, linux, or svr4, by judging by the fressh 0.8 source distribution - those are the only 3 operating systems that have sys_sys_XXX.c files. However, BSD44, Linux, and SVR4 are *not* "just about everybody".
They are, actually, in the context of the current public FreSSH distribution, "more than everybody" since, as is well-documented, the SVR4 module doesn't work. Of course we intend to fix this; in fact, it's pretty much already fixed, as is the code people are (justifiably) complaining about in this thread -- even though that code is basically never used. We are doing everything possible to get our 0.9 release out the door and it will have this and any other bugs anyone points out to us fixed, period. Thor
Current thread:
- Bad PRNGs revisted in FreSSH Charles M. Hannum (Feb 13)
- <Possible follow-ups>
- Re: Bad PRNGs revisted in FreSSH tls (Feb 14)
- OS snobbery... (was Re: Bad PRNGs revisted in FreSSH) Valdis Kletnieks (Feb 15)
- Re: OS snobbery... (was Re: Bad PRNGs revisted in FreSSH) Thor Lancelot Simon (Feb 15)
- Re: OS snobbery... (was Re: Bad PRNGs revisted in FreSSH) Lars Hecking (Feb 15)
- OS snobbery... (was Re: Bad PRNGs revisted in FreSSH) Valdis Kletnieks (Feb 15)
- Re: Bad PRNGs revisted in FreSSH Damien Miller (Feb 15)
- Re: Bad PRNGs revisted in FreSSH Andrew Brown (Feb 15)
- Re: Bad PRNGs revisted in FreSSH Joe Laffey (Feb 15)
- Re: Bad PRNGs revisted in FreSSH Ulf Moeller (Feb 15)
- Re: Bad PRNGs revisted in FreSSH Thor Lancelot Simon (Feb 15)