I just saw that ECL reads /dev/urandom on startup, obviously to initialize its
random number generator.

 * Is that required by the specification? E.g. SBCL always gives the same
   numbers, unless (seed-random-state T) is called (or (make-random-state T)).

 * ECL reads (on my machine) 8kB from /dev/urandom - but, if I read
   init_random_state() correctly, half of that is immediately dropped.

 * If the randomization at startup is wanted, how about reading much less
   (e.g. 3 words) and using a pseudo-random-number generator to fill the
   random state?


My reasoning is that most people don't need cryptographically secure [1]
random numbers; if they need some, they can (and for portability _should_)
always initialize the state themselves.

Certainly there's no need to read 8kB of randomness, is there? That more or
less guarantees that any instance of ECL that tries to run GPG or ssh-keygen
has to wait until the entropy in the OS is replenished.


I'd be willing to provide a patch for the third point above - if there's a
chance to get it included.


Regards,

Phil


Ad 1: yes, it's "only" /dev/urandom, but this uses entropy as well (if
one is available).
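
Added example, not part of the original message and not ECL's code: a sketch of the third point above, reading three words from /dev/urandom and expanding them into a full generator state with a small PRNG. The function names, the use of SplitMix64 as the expander and the 624-word state size (that of MT19937) are assumptions made for illustration; the resulting state is only as unpredictable as the three seed words and is not suitable for cryptographic use.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SEED_WORDS  3    /* "3 words", as the message suggests */
#define STATE_WORDS 624  /* assumed state size (that of MT19937) */

/* One SplitMix64 step: advances *x and returns a well-mixed 64-bit value. */
static uint64_t splitmix64(uint64_t *x)
{
    uint64_t z = (*x += 0x9E3779B97F4A7C15ULL);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return z ^ (z >> 31);
}

/* Read exactly SEED_WORDS words from the OS. Returns 0 on success, -1 on error. */
int read_os_seed(uint64_t seed[SEED_WORDS])
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    /* Unbuffered, so stdio does not pull in a whole buffer-sized block. */
    setvbuf(f, NULL, _IONBF, 0);
    size_t got = fread(seed, sizeof seed[0], SEED_WORDS, f);
    fclose(f);
    return got == SEED_WORDS ? 0 : -1;
}

/* Fold the seed words into one 64-bit value, then stretch it over the state. */
void expand_seed(const uint64_t seed[SEED_WORDS], uint32_t state[STATE_WORDS])
{
    uint64_t x = 0;
    for (size_t i = 0; i < SEED_WORDS; i++) {
        uint64_t t = x ^ seed[i];
        x = splitmix64(&t);
    }
    for (size_t i = 0; i < STATE_WORDS; i++)
        state[i] = (uint32_t)(splitmix64(&x) >> 32);
}

int main(void)
{
    uint64_t seed[SEED_WORDS];
    uint32_t state[STATE_WORDS];
    if (read_os_seed(seed) != 0) {
        fprintf(stderr, "cannot read /dev/urandom\n");
        return 1;
    }
    expand_seed(seed, state);
    printf("state[0]=%08x state[%d]=%08x\n", (unsigned)state[0],
           STATE_WORDS - 1, (unsigned)state[STATE_WORDS - 1]);
    return 0;
}
```

Running the program under strace shows a single 24-byte read from /dev/urandom per start.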


