CVS update: gnucash/src/engine

Derek Atkins warlord@MIT.EDU
06 Feb 2001 22:22:50 -0500

FYI, for what we're doing /dev/urandom should be sufficient.  Quite
honestly, we could just grab a good Pseudo Random Number Generator and
seed it from /dev/random (e.g. 500-1000 bytes).  That way we wont run
/dev/random dry.

Indeed, we could probably grab the PRNG used by Linux's /dev/urandom.
The real problem is that when we read from /dev/urandom we don't know
how much entropy is in the pool that it's drawing from.  If we hold
the entropy pool ourself then we don't have to worry about it running

Are we seriously grabbing so much entropy that we run /dev/random dry?


PS: Ted made /dev/random blocking for a reason -- application that are
drawing from /dev/random want strong random numbers, so they didn't
want to give those machines a false sense of security.

PPS: I'll take a look at the guid code and try to make some
suggestions.  How random do we really need the GUIDs to be, anyways? (Dave Peticolas) writes:

> Date:	Tuesday February 6, 2001 @ 20:13
> Author:	peticolas
> Update of /home/cvs/cvsroot/gnucash/src/engine
> In directory
> Modified Files:
> 	guid.c 
> Log Message:
> For now just read from /dev/urandom instead of /dev/random.
> If it turns out that some systems only have /dev/random, then
> we should look into non-blocking io for this.
> _______________________________________________
> gnucash-patches mailing list

       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL:    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available