On Wed, 2004-04-21 at 04:40, Russell Coker wrote: > On Wed, 21 Apr 2004 12:49, Colin Walters <walters@xxxxxxxxxx> wrote: > > I presume by the way there's a reason access to random_device_t is was > > originally denied - it prevents users from draining your good entropy by > > generating a ton of keys. On the other hand, if you have GPG installed > > Actually when I gave different types to /dev/random and /dev/urandom we just > sorted out which access each program seemed to need. At the time GPG didn't > seem to want /dev/random access. If it wants it then it should get it. I think it only uses /dev/random when generating keys. > It seems that every desktop, laptop, and PDA shipped in the last few years has > sound hardware. The microphone that's built in to many machines can be used > as a source of entropy, and even an unconnected line-in if sampled at 16bit > will do reasonably well. There is already policy > for /usr/sbin/audio-entropyd to use this, if we get this packaged then maybe > it would be the best solution to the problem? That does sound like a cool idea. You can really get data even if there's no microphone connected?
Attachment:
signature.asc
Description: This is a digitally signed message part