On Tue, 2013-11-12 at 18:23 +1000, James A. Donald wrote:
> On 2013-11-12 16:44, John Denker wrote:
> > The fact is, there are some applications that cannot make do with
> > low-quality randomness *and* cannot afford to wait.
>
> I don't think so.
>
> I think this is a configuration bug. By the time you have completed the
> boot process, you have accumulated lots of entropy, and there is no
> cryptographic application so urgent it cannot wait for the boot process
> to complete.
>
> However, some idiot puts a process needing true randomness early in the
> boot process for no good reason.
>
> A process needing true randomness should fail by design in such case.

I'm inclined to agree. IMO the kernel ought to simply terminate any
process that attempts to read /dev/random before the boot process is
complete.

_______________________________________________
RNG mailing list
[email protected]
http://lists.bitrot.info/mailman/listinfo/rng
