Re: Why does reading from /dev/urandom deplete entropy so much?

From: Bill Davidsen
Date: Tue Dec 11 2007 - 10:25:28 EST

Next message: Jie Chen: "Re: Possible bug from kernel 2.6.22 and above, 2.6.24-rc4"
Previous message: Dmitry Baryshkov: "[PATCH] Tosa keyboard support"
In reply to: Ismail DÃnmez: "Re: Why does reading from /dev/urandom deplete entropy so much?"
Next in thread: Marc Haber: "Re: Why does reading from /dev/urandom deplete entropy so much?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Adrian Bunk wrote:

On Thu, Dec 06, 2007 at 02:32:05PM -0500, Bill Davidsen wrote:

...
Sounds like a local DoS attack point to me...

As long as /dev/random is readable for all users there's no reason to use /dev/urandom for a local DoS...

The original point was that urandom draws entropy from random, and that it is an an inobvious and unintentional drain on the entropy pool. At least that's how I read it. I certainly have programs which draw on urandom simply because it's a convenient source of meaningless data. I have several fewer since this discussion started, though, now that I have looked at the easy alternatives.

--
Bill Davidsen <davidsen@xxxxxxx>
"Woe unto the statesman who makes war without a reason that will still
be valid when the war is over..." Otto von Bismark

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jie Chen: "Re: Possible bug from kernel 2.6.22 and above, 2.6.24-rc4"
Previous message: Dmitry Baryshkov: "[PATCH] Tosa keyboard support"
In reply to: Ismail DÃnmez: "Re: Why does reading from /dev/urandom deplete entropy so much?"
Next in thread: Marc Haber: "Re: Why does reading from /dev/urandom deplete entropy so much?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]