[5358] in cryptography@c2.net mail archive


Re: linux-ipsec: Re: Summary re: /dev/random

daemon@ATHENA.MIT.EDU (Crispin Cowan)
Fri Aug 6 12:28:01 1999

Date: Thu, 05 Aug 1999 06:42:26 +0000
From: Crispin Cowan <crispin@cse.ogi.edu>
To: "Theodore Y. Ts'o" <tytso@mit.edu>
Cc: Henry Spencer <henry@spsystems.net>, Osma Ahvenlampi <oa-lists@spray.fi>,
        cryptography@c2.net, linux-ipsec@clinet.fi

"Theodore Y. Ts'o" wrote:

> I'd certainly agree that having a standard user-space library would be a
> Good Thing.  The real question in my mind is should the code live in
> user space or in kernel space.

Definitely kernel space.  Precisely because a good source of entropy is:

   * not computable, you need to get it from a device
   * essential for assorted security applications

it needs to be in kernel space, where it can talk to raw devices, and be
protected from corruption & spoofing.

Crispin
-----
 Crispin Cowan, Research Assistant Professor of Computer Science, OGI
    NEW:  Protect Your Linux Host with StackGuard'd Programs  :FREE
       http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/


