On Mon, May 14, 2018 at 10:41:47AM -0300, Lisandro Damián Nicanor Pérez Meyer wrote:
> = On the Qt side:
> - With an upstream maintainer hat on: Qt 5.10 is not meant for oldstable.
> People wanting to run Qt 5.10 on those systems must modify whatever is
> necessary.

OK. This is an understandable point.

> - We do not know the impact we create by disabling the getentropy feature. And
> normally that stuff is related to cryptography. Believe me I don't want to
> mess with that.

If we disable it, Qt will fall back to reading /dev/urandom directly. As I understand, it will be a bit less secure because it is vulnerable to file descriptor exhaustion attacks, and also a bit slower.

But on the other hand, it is a traditional interface for getting randomness, and the majority of software probably still uses it.

See for details:
- https://lwn.net/Articles/606141/
- https://git.kernel.org/linus/c6e9d6f38894798696f23c8084ca7edbf16ee895
- https://code.qt.io/cgit/qt/qtbase.git/commit/?id=120ecc976fc3d550

--
Dmitry Shachnev