On Tue, Oct 30, 2001 at 10:13:27AM -0500,
Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Bruno Wolff III <bruno@cerberus.csd.uwm.edu> writes:
> > It looks like they consider not running without seeding the PRNG a feature
> > and that this isn't something likely to change soon.
>
> One man's feature is another man's bug, I'd say. How can they consider
> it a good decision to leave it to the application to solve this problem?
> Especially when they *do* solve the seeding problem on some platforms?
> Their stance is completely inconsistent. If they're concerned about
> preventing use of predictable seeds, the last thing they should want to
> do is allow a surrounding application to apply a sloppy solution (like
> the constant seed you just suggested). They should think of the best
> solution they can, and embody it in their library. There is *no* chance
> that an application developer is going to invent a better way on the
> spur of the moment, and every chance that he'll blow a mile-wide hole
> in the security of their library.
In some sense the real problem is that tru64 unix doesn't have a /dev/random
device. This should really be a standard feature in all unix like systems.
I can see from your point of view that their library is broken. It would
probably make the most sense to pick some initialization method(s) when building
openssl rather than using a platform independent list to try out at run time.
Maybe a note could get tacked on to the INSTALL information for enabling
ssl to warn people that there might be issues if they are using openssl
and their system doesn't have a /dev/random device?
