Uses too much entropy (Debian Bug #343085)

Werner Koch wk at gnupg.org
Fri Jan 4 16:50:45 CET 2008


On Fri,  4 Jan 2008 15:39, simon at josefsson.org said:

> You mean the problem where one client requests a lot of randomness,
> which would hurt the randomness received by other clients?

Right.  Though the IPC mechanims allows for several concurrent requests,
the hear of the RNG serializes everything.

> Maybe we could simply punt on that problem.  The /dev/*random devices
> have the same problem, doesn't it?

Yes /dev/random has the same property.

> Another solution, how about to refuse to give out entropy to processes
> not listed in a world-readable but root-writable file
> /etc/libgcryptd.conf file?

Well it is experimental and I had similar ideas.  If I remember right I
implemented the daemon thing when we first talked about the exim problem
or to help other short-living processes.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.






More information about the Gnutls-devel mailing list