Message217366
> "Depleting" /dev/urandom isn't actually a thing. /dev/urandom on all modern *nix OSs uses a fast PRNG which is secure as long as it has received enough bytes of initial entropy.
I didn't say "deplete /dev/urandom", I said that when reading from
/dev/urandom "you're depleting your entropy pool". So reading from
/dev/urandom won't block, but it can starve processes that read from
/dev/random, and that's a problem.
See https://groups.google.com/forum/#!msg/fa.linux.kernel/Ocl01d8TzT0/KDCon2ZUm1AJ
I think since 2.6 Linux uses two different entropy pools for
/dev/random and /dev/urandom, but that might not be true for every OS. |
|
Date |
User |
Action |
Args |
2014-04-28 11:51:11 | neologix | set | recipients:
+ neologix, ncoghlan, janssen, giampaolo.rodola, christian.heimes, benjamin.peterson, alex, tshepang, dstufft, josh.r |
2014-04-28 11:51:11 | neologix | link | issue21305 messages |
2014-04-28 11:51:11 | neologix | create | |
|