On Wed, Apr 20, 2016 at 06:19:25PM -0400, Cole Robinson wrote: > Currently we only allow /dev/random and /dev/hwrng as host input > for <rng><backend model='random'/> device. This was added after > various upstream discussions in commit 4932ef45 > > However this restriction has generated quite a few complaints over > the years, so a new discussion was initiated: > > http://www.redhat.com/archives/libvir-list/2016-April/msg00987.html > > Several people suggested removing the restriction, and nobody really > spoke up to defend it. So this patch drops the path restriction > entirely ACK, despite explicit request for details, no one has been able to give a clear description of a security problem in using urandom. It has all just been hand-wavey assertions with nothing to back it up, against other people's analysis showing urandom to be safe. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list