| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 07 Sep 2011 15:49:24 -0400 (EDT) From: David Miller <davem@...emloft.net> To: tytso@....edu Cc: jarod@...hat.com, levinsasha928@...il.com, linux-crypto@...r.kernel.org, mpm@...enic.com, nhorman@...hat.com, herbert.xu@...hat.com, sgrubb@...hat.com, stephan.mueller@...ec.com, linux-kernel@...r.kernel.org Subject: Re: [PATCH] random: add blocking facility to urandom From: "Ted Ts'o" <tytso@....edu> Date: Wed, 7 Sep 2011 15:27:37 -0400 > On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jarod Wilson wrote: >> We're looking for a generic solution here that doesn't require >> re-educating every single piece of userspace. And anything done in >> userspace is going to be full of possible holes -- there needs to be >> something in place that actually *enforces* the policy, and >> centralized accounting/tracking, lest you wind up with multiple >> processes racing to grab the entropy. > > Yeah, but there are userspace programs that depend on urandom not > blocking... so your proposed change would break them. Agreed, and this is a really poor approach to solving the problem. If you change semantics, you have to create a new facility and then convert the userland pieces over to it. Yes, this is harder and requires more work, but it is necessary as it is the only way to ensure that we won't break something. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists