[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [debian-devel] Re: SSP for Debian unstable. was Re: security enhanced debian branch?

Magosányi Árpád writes:
> If we are low on entropy, there are several things that can help:
> -an "entropy friendly" /dev/?random for "not so important for security"
> programs[1].

Your "not so important for security" programs will suck up all the entropy
via /dev/urandom and then keep going, running on what they get from the prng.
Meanwhile, the important programs that were depending on /dev/random will
be stalled, waiting for the entropy pool to refill.

Perhaps the kernel should cut /dev/urandom off from the entropy pool when
it reaches some low-water mark. 
John Hasler
john@dhh.gt.org (John Hasler)
Dancing Horse Hill
Elmwood, WI

Reply to: