CVS update: gnucash/src/engine
Derek Atkins
warlord@MIT.EDU
06 Feb 2001 22:22:50 -0500
FYI, for what we're doing /dev/urandom should be sufficient. Quite
honestly, we could just grab a good Pseudo Random Number Generator and
seed it from /dev/random (e.g. 500-1000 bytes). That way we wont run
/dev/random dry.
Indeed, we could probably grab the PRNG used by Linux's /dev/urandom.
The real problem is that when we read from /dev/urandom we don't know
how much entropy is in the pool that it's drawing from. If we hold
the entropy pool ourself then we don't have to worry about it running
dry.
Are we seriously grabbing so much entropy that we run /dev/random dry?
-derek
PS: Ted made /dev/random blocking for a reason -- application that are
drawing from /dev/random want strong random numbers, so they didn't
want to give those machines a false sense of security.
PPS: I'll take a look at the guid code and try to make some
suggestions. How random do we really need the GUIDs to be, anyways?
peticolas@linas.org (Dave Peticolas) writes:
> Date: Tuesday February 6, 2001 @ 20:13
> Author: peticolas
>
> Update of /home/cvs/cvsroot/gnucash/src/engine
> In directory www.linas.org:/tmp/cvs-serv2658
>
> Modified Files:
> guid.c
> Log Message:
> For now just read from /dev/urandom instead of /dev/random.
> If it turns out that some systems only have /dev/random, then
> we should look into non-blocking io for this.
>
>
> _______________________________________________
> gnucash-patches mailing list
> gnucash-patches@lists.gnumatic.com
> http://www.gnumatic.com/cgi-bin/mailman/listinfo/gnucash-patches
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available