Re: [debian-devel] Re: SSP for Debian unstable. was Re: security enhanced debian branch?
Magosányi Árpád writes:
> If we are low on entropy, there are several things that can help:
> -an "entropy friendly" /dev/?random for "not so important for security"
> programs[1].
Your "not so important for security" programs will suck up all the entropy
via /dev/urandom and then keep going, running on what they get from the prng.
Meanwhile, the important programs that were depending on /dev/random will
be stalled, waiting for the entropy pool to refill.
Perhaps the kernel should cut /dev/urandom off from the entropy pool when
it reaches some low-water mark.
--
John Hasler
john@dhh.gt.org (John Hasler)
Dancing Horse Hill
Elmwood, WI
Reply to: