Priviledge seperation influenced arc4random design


OpenSSH started in 1999.  In 2002, priviledge seperation was added.

A major daemon now needed randomness -- key grade, IV grade,
whatever grade -- inside chroot space!

2011 - OpenSSH got sandboxing support. systrace based in OpenBSD.
Only permitted system calls are

    clock_gettime() close() getentropy() getpid() gettimeofday()
    madvise() mmap() mprotect() mquery() munmap() open() poll()
    read() select() sendsyslog() shutdown() sigprocmask() write()

arc4random is built on top of getentropy()