On Sat, May 26, 2018 at 03:36:37PM +0200, Stephan Mueller wrote: > - security related code should be vetted (which arguably is the case when the > discussed PBKDF is part of the kernel) > > > > If he/she were to add their own userland code then he would surely be > > criticized for rolling his own implementation. If one were to copy and paste cryptographic algorithms, that's surely not "rolling your own implementation" --- you're using someone else's implemntation. The argument for why code reuse by copy and paste is not a good thing is that you won't pick up bug fixes that might show up later. But for a cryptographic algorithm (e.g., sHA256, CHACHA20, etc.) with test vectors, in general there aren't cases where there are bug fixes that come later. An argument which makes sense for, say, an implementation of TLS, is not really applicable here. Given that there are other ways to address using well-vetted and reviewed code, I would argue that "run code at with least privleges" is clearly the far more important consideration here. - Ted
