Re: /dev/random: really secure?

• Next message: Christoph Hellwig: "Re: Test12 ll_rw_block error."
• Previous message: Mathieu Chouquet-Stringer: "Sound problem with AC97 module"
• In reply to: Kurt Garloff: "Re: /dev/random: really secure?"
• Next in thread: David Schwartz: "RE: /dev/random: really secure?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> On Mon, Dec 18, 2000 at 04:33:13PM -0500, Theodore Y. Ts'o wrote:
> > Note that writing to /dev/random does *not* update the entropy estimate,
> > for this very reason. The assumption is that inputs to the entropy
> > estimator have to be trusted, and since /dev/random is typically
> > world-writeable, it is not so trusted.
>
> It should not be world-writeable, IMHO. So the only one who can feed entropy
> there is root, who should know aht (s)he's doing ...
> Here (SuSE Linux 7.x), it is 644:

You actually *want* random people to send entropy into your pool. Just
do not increase counters. That way, entropy can only get better :-).
                                                                Pavel

-- 
The best software in life is free (not shareware)!		Pavel
GCM d? s-: !g p?:+ au- a--@ w+ v- C++@ UL+++ L++ N++ E++ W--- M- Y- R+
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Christoph Hellwig: "Re: Test12 ll_rw_block error."
• Previous message: Mathieu Chouquet-Stringer: "Sound problem with AC97 module"
• In reply to: Kurt Garloff: "Re: /dev/random: really secure?"
• Next in thread: David Schwartz: "RE: /dev/random: really secure?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sat Dec 23 2000 - 21:00:25 EST