tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]



I wonder if there is a reason that the RNDGETPOOLSTAT ioctl from rnd(4) is
privileged?  It returns the following structure

typedef struct
        uint32_t        poolsize;
        uint32_t        threshold;
        uint32_t        maxentropy;

        uint32_t        added;
        uint32_t        curentropy;
        uint32_t        removed;
        uint32_t        discarded;
        uint32_t        generated;
} rndpoolstat_t;

I'm no security weenie, is that sensitive information?  The curentropy
value at least is freely available otherwise with RNDGETENTCNT.

(I noticed that a script using 'dd if=/dev/random count=1 | md5' blocked
on my freshly booted system and see no way for a script to test in advance
if that would happen, because rndctl(8) can't show the stats to ordinary


Home | Main Index | Thread Index | Old Index