Re: [PATCH] Update the random(4) documentation towards a more accurate view on /dev/urandom

On Friday, 21 October 2016, 12:33:14 CEST, Theodore Ts'o wrote:

Hi Theodore,

> 
> It would certainly be a good idea to suggest the use of getrandom(2),
> and the fact that the only difference between getrandom(2) and
> /dev/urandom is that getrandom(2) will block until it can safely
> generate random numbers.  Unfortunately, there are far too many
> programs (including udev and systemd!) that try to use /dev/urandom at
> boot time, and making a change to /dev/urandom would break users.  If
> any of these use cases are security sensitive, they should really
> change it so that users aren't vulnerable to security attacks.  (The
> use of systemd on IOT devices especially terrifies me in this regard.)

Although this is not related to the man page, please note that I have tried 
this approach during the development of my LRNG. systemd did not like that at 
all. The system did not come up, even though there was only 0.5 seconds it 
would need to wait until getrandom would unblock during my tests.

Ciao
Stephan