cendres at videotron.ca
Sun Mar 28 00:15:37 PST 2004
I've found this:
Which leads back to another related url I found the other day. The package is
recently maintained, looks like obsd copyright, and adds arc4 (rc5-like)
random number generation to a shared library. Propolice, openssh, mkstemp
(and many others) can use this auxiliary-random (arandom) because its cheap
to generate and practically bottomless, opposed to /dev/urandom.
I have a feeling the Gentoo-hardened and Adamantix people would be interested
in this aswell. Applications would have to be patched for this, and will not
work on other Linux systems (unless maybe they are staticlly linked), but
this is already the case with propolice anyway.
I'm not exactly sure why no Linux distros seem to have this already. Its a
very personalized feature, could almost say 'distro specific'. The only down
sides I can think of are legal reasons (with crypto), and screwing binary
compatability. But this could lead the path to getting better crypto into
libc, such as blowfish for shadow passwds.
More information about the hlfs-dev