Dear DragonFlyBSD bugs,

 

Alex Hornung recently (today ?) added mmap randomisation (security feature), but in his commit he uses:

 

karc4random()

 

When he should really be using the superior kernel random number generator presented to userland via

 

/dev/random

 

and

 

/dev/urandom

 

There are other portions of Kernel code which needs to do the same, e.g. I think OpenBSDs PF Packet

Filter uses karc4random() ....

--
Sincerely,
Robin Carey