On Mon, Dec 07, 1998 at 01:39:05PM -0500, Readwin, Neil wrote: > On Solaris mkcookie opens /dev/mem and reads about 8MB of it. > mkcookie will run and generate a new cookie if you remove the suid > bit, but I guess said cookie will be, umm, less random. This reminds me (I may have reported this eons ago, I forget). An old version of util-linux (some years old) also has a hosed mcookie program. You can test this by doing something like; while [ 1 ] ; do mcookie >> file ; done <pause a few minutes> ^C sort file | uniq | wc Basically... I was never able to get more that 16384 (2^14) unique tokens, a pretty small space compared to the theoretical 2^128. <Insert usual bit about birthday attack, blah blah blah> I don't know which version of util-linux it was, but I'm pretty sure 2.5 and above use /dev/random and hence don't have this behaviour. -Chris
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:24:46 PDT