Need non-writable --homedir
Robert J. Hansen
rjh at sixdemonbag.org
Tue Sep 12 00:28:25 CEST 2006
Josef Wolf wrote:
> Don't most unices have /dev/random nowadays? I never planned to run
> this thing on a windows box :)
GnuPG has been ported to many platforms. BeOS, OpenVMS, Win32, and many
more that have no /dev/random.
> Hmm, the only drawback I see is a slowdown. The application will
> just hang and wait for more entropy to arrive.
As Daniel Keys Moran wrote in _The Last Dancer_, the mark of a
half-assed software design is its inability to fail gracefully. Most
software today would be lucky to be even half of that.
GnuPG may fail well in that situation. But will _all_ your applications
fail well in that situation? Especially ones which can't afford to
block for minutes until the /dev/random pool replenishes?
Being a good software citizen means being sparing in your use of limited
systemwide resources. Thus, apps should avoid using /dev/random unless
there's a clear and critical need.
>> 3. /dev/random is, as I understand it, an ad-hoc design. Many
>> people who need crypto software need vetted, certified designs
>> (even if the software itself isn't certified). E.g., some people
>> may require ANSI X9.17 RNG. With a software RNG, it's fairly easy
>> to just drop in whatever RNG you need.
>
> Ough... I always thought /dev/random has the highest possible
> quality. How can a RNG be more random than real entropy?
Again, you're missing the point.
If /dev/random is set up to be access for a radioisotope RNG on one
system, you have absolutely no guarantee it'll be a radioisotope RNG on
all systems. You have absolutely no guarantee it'll be a radioisotope
RNG even on all UNIX systems. Depending on how often you upgrade your
hardware, you may not even be able to guarantee it's a radioisotope RNG
on _your_ system.
GnuPG has no control over how each UNIX handles /dev/random. If GnuPG
has no control over that, then GnuPG isn't going to rely on that.
GnuPG _can_ rely on its own internal pseudorandom number generator. And
thus, it gets a random seed from some believed-good source (varies from
platform to platform), and successive calls to the PRNG just use that
instead.
You need to recognize that GnuPG is not a Linux-only platform, and
considerable work has gone into it to make it work on as many platforms
as possible. This means disregarding certain OS features that would tie
it narrowly to one specific operating system.
More information about the Gnupg-users
mailing list