Subject: Re: /dev/random without random sources blocking forever?
To: Christos Zoulas <firstname.lastname@example.org>
From: Bill Studenmund <email@example.com>
Date: 08/21/2006 20:28:06
Content-Type: text/plain; charset=us-ascii
On Mon, Aug 21, 2006 at 11:21:31PM +0000, Christos Zoulas wrote:
> In article <20060821203839.GC18185@netbsd.org>,
> Bill Studenmund <firstname.lastname@example.org> wrote:
> >On Mon, Aug 21, 2006 at 01:20:59PM -0700, Garrett D'Amore wrote:
> >> Yes, without random sources, you can't get any entropy bits. Solution
> >> is to add sources for entropy. Alternatively, use /dev/urandom which
> >> gives back data without blocking, but might not be cryptographically r=
> >If you don't have ANY entropy sources, wouldn't it be better to error ou=
> >on the read? Yes, if you don't have any entropy sources, you shouldn't u=
> >/dev/random. But "Don't do that" seems a better response than blocking=
> How about /dev/urandom?
That's a different question. Yes, if you don't have any entropy sources,=20
you should use /dev/urandom. But what do you do with code that is=20
hard-coded (or misconfigured) to still use /dev/random? Do you let it spin=
forever, or do you tell it, "No, that won't work." It's kinda like, "You=20
missed a turn back there. Do you run off the cliff, or do you stop just at=
the barrier before the cliff?"
To be honest, does it make sense for you to be able to open /dev/random=20
without any real entropy sources available? Userland can't add entropy=20
sources, so we don't need a control channel.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (NetBSD)
-----END PGP SIGNATURE-----