[32662] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [ANNOUNCE] glibc heap protection patch

daemon@ATHENA.MIT.EDU (Han Boetes)
Wed Dec 3 14:44:59 2003

Date: Wed, 3 Dec 2003 08:54:11 +0100
From: Han Boetes <han@mijncomputer.nl>
To: bugtraq@securityfocus.com
Message-ID: <20031203075433.GA3275@boetes.org>
Mail-Followup-To: bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <6CFB176E-24FE-11D8-8B1F-000A95675F0E@cs.ucsb.edu>

William Robertson wrote:
> It seems that this should be patched to use some source of randomness
> such as /dev/random instead of time().

I ported arc4random from OpenBSD to linux some time ago. All I had to
do was to change the sysctl:

  http://www.xs4all.nl/~hanb/software/arc4random.tar.bz2


I think it's a very usefull function.



# Han


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[32662] in bugtraq

Re: [ANNOUNCE] glibc heap protection patch

daemon@ATHENA.MIT.EDU (Han Boetes)Wed Dec 3 14:44:59 2003

daemon@ATHENA.MIT.EDU (Han Boetes)
Wed Dec 3 14:44:59 2003