[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL


Quoting Russ Allbery (2014-07-16 22:17:23)
> Ben Hutchings <ben@decadent.org.uk> writes:
> > On Wed, 2014-07-16 at 12:47 -0700, Russ Allbery wrote:
> >> It would be nice to have a reliable kernel interface for getting
> >> randomness rather than relying on proper chroot configuration.
> > There is such an interface.  It happens to be a char device.  Expecting
> > administrators to create /dev/urandom in a chroot is no more unreasonable
> > than expecting them to create /dev/null or /dev/zero.
> I'm not a big fan of that either.  :)  Also, I think it's relatively rare for
> a library to require those devices exist for secure behavior, although
> perhaps I'm just not knowledgable in this area.

maybe this will help in the future:


cheers, josch

Reply to: