On Sun, 21 Jul 2019 15:05:53 +0000 [email protected] wrote: > Rust reads a byte from /dev/random before deciding it's OK to read > /dev/urandom. We are told this is the correct behaviour and that we > shouldn't upstream "just use /dev/urandom/sysctl equivalent".
Who says this is correct behaviour? It isn't. random(4) has this to say: "Applications should read from /dev/urandom when they need randomly generated data, e.g. key material for cryptography or seeds for simulations. Systems should be engineered to judiciously read at least once from /dev/random at boot before running any services that talk to the internet or otherwise require cryptography, in order to avoid generating keys predictably." My interpretation of the above is that rust is not doing the right thing. It is an application runtime, but behaves like an rc script. Kind regards, -Tobias
