On Tue, Nov 12, 2013 at 10:32:05PM -0500, Theodore Ts'o wrote: > One of the things I've been thinking about with respect to making > /dev/urandom block is being able to configure (via a module parameter > which could be specified on the boot command line) which allows us to > set a limit for how long /dev/urandom will block after which we log a > high priority message that there was an attempt to read from > /dev/urandom which couldn't be satisified, and then allowing the > /dev/urandom read to succed. > > The basic idea is that we don't want to break systems, but we do want > to gently coerce people to do the right thing. Otherwise, I'm worried > that distros, or embedded/mobile/consume electronics engineers would > just patch out the check.
That's a good idea. I've worried about the same thing, but hadn't thought of that solution. Greg -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
