Re: Why does reading from /dev/urandom deplete entropy so much?

From: Ismail DÃnmez
Date: Sat Dec 08 2007 - 17:09:22 EST

Next message: Rafael J. Wysocki: "Re: 2.6.24-rc4-git5: Reported regressions from 2.6.23"
Previous message: Adrian Bunk: "Re: Why does reading from /dev/urandom deplete entropy so much?"
In reply to: Adrian Bunk: "Re: Why does reading from /dev/urandom deplete entropy so much?"
Next in thread: Theodore Tso: "Re: Why does reading from /dev/urandom deplete entropy so much?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Sunday 09 December 2007 00:03:45 tarihinde Adrian Bunk ÅunlarÄ yazmÄÅtÄ:
> On Thu, Dec 06, 2007 at 02:32:05PM -0500, Bill Davidsen wrote:
> >...
> > Sounds like a local DoS attack point to me...
>
> As long as /dev/random is readable for all users there's no reason to
> use /dev/urandom for a local DoS...

Draining entropy in /dev/urandom means that insecure and possibly not random
data will be used and well thats a security bug if not a DoS bug.

And yes this is by design, sigh.

--
Never learn by your mistakes, if you do you may never dare to try again.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Rafael J. Wysocki: "Re: 2.6.24-rc4-git5: Reported regressions from 2.6.23"
Previous message: Adrian Bunk: "Re: Why does reading from /dev/urandom deplete entropy so much?"
In reply to: Adrian Bunk: "Re: Why does reading from /dev/urandom deplete entropy so much?"
Next in thread: Theodore Tso: "Re: Why does reading from /dev/urandom deplete entropy so much?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]