On Wed, Sep 29, 2010 at 09:39:06AM -0600, Theo de Raadt wrote:
> > On Wed, Sep 29, 2010 at 9:57 AM, Simon Perreault
> > <simon.perrea...@viagenie.ca> wrote:
> > > I'm trying to use /dev/srandom, but I can't get even a single byte out
> > > of it.
> >
> > Independent of other problems, I don't think you should be using
> > srandom. We should just take that interface away, people see it and
> > then they want to use it, but it doesn't work the way they want.
>
> Taking it away would first require an extensive audit of the ports
> tree -- to make sure that the applications in there don't end up
> choosing something even *worse* than srandom...
And isn't srandom sometimes (very rarely!) appropriate? E.g. for
generating encryption keys?
Joachim
