tech-kern archive


Re: /dev/random is hot garbage

On Sun, 21 Jul 2019 15:05:53 +0000 wrote:

> Rust reads a byte from /dev/random before deciding it's OK to read
> /dev/urandom. We are told this is the correct behaviour and that we
> shouldn't upstream "just use /dev/urandom/sysctl equivalent".

Who says this is correct behaviour? It isn't. random(4) has this to say:

"Applications should read from /dev/urandom when they need randomly
 generated data, e.g. key material for cryptography or seeds for

 Systems should be engineered to judiciously read at least once from
 /dev/random at boot before running any services that talk to the internet
 or otherwise require cryptography, in order to avoid generating keys

My interpretation of the above is that Rust is not doing the right thing.
It is an application runtime, but behaves like an rc script.

Kind regards,
