On Jun 4, 2011, at 7:02 AM, Massimo Di Pierro wrote: > > Just one minor change to deal with an error for system where users do > not have permission to write to /dev/urandom (typically on shared > hosts).
The change treats read-only urandom the same as non-existent urandom, for warning purposes. Is that the intent? Also, I wonder if it wouldn't be a good policy to unconditionally use local randomness (the seeded random) and mix in urandom randomness if available. That would help to guard against a bad urandom implementation that behaved (wrt read/write) normally.