Bug#412408: Is invoking exit(2) in a library the right thing to do?

Werner Koch wk at gnupg.org
Thu Nov 15 18:51:07 CET 2007


On Thu, 15 Nov 2007 15:32, md at Linux.IT said:

> I oppose this "solution", the only devices which *must* be created
> statically (and are available in the standard initramfs indeed) are null
> and console.

With this reasoning you may also change Linux to allow /dev/random to be
a module.  It was a conscious decision, more than a decade ago, to have
/dev/random *always* available.  Thus it is as important as /dev/null
and more useful than console.

> SSL is not used at this time of the boot process: there is no
> networking, so the query is expected to (gracefully) fail anyway.

It is not only used for networking but also for login services and all
kinds of other non-networking stuff.

But if you really don't like to have /dev/random, you may configure
libgcrypt with --enable-random=auto and it will fall back to rndunix
which has the little disadvantage of running dozens of system utilities
to build up the entropy pool.  I wonder whether this has really any
advantage over creating a node for an already existing device.


Shalom-Salam,

   Werner


-- 
Thoughts are free.  Exceptions are regulated by a federal law.




More information about the Gcrypt-devel mailing list