Re: CONFIG_RANDOM (compromise?)

Harald Anlauf (
Mon, 20 May 1996 12:00:27 +0200

[This mail is not CC'ed to the linux-kernel list]

>>>>> "tytso" == "Theodore Y Ts'o" <tytso@MIT.EDU> writes:

tytso> From: lilo <TaRDiS@Mail.UTexas.EDU>
tytso> As long as these devices don't have the same minor numbers.

This will require a modified MAKEDEV script that knows how you compiled
your current kernel ...

tytso> If you're going to be using a pseudo-random number generator, then it
tytso> doesn't belong in the kernel at all.

Yes. (It would be too much overhead for a user-level program anyway).

tytso> The whole reason for putting a /dev/random driver into the kernel was
tytso> because it had access to low-level timing information which you couldn't
tytso> efficiently obtain from a user-mode program.

Now that is an important point.

Theodore: Let me ask you a question regarding real security.

If somebody (else) runs a process constantly sucking numbers from
/dev/random on an (maybe your) essentially "idle" machine, i.e. with
little activity on keyboard, disk, network, etc., can you still
guarantee that _you_ still get sufficiently good random numbers from
/dev/random, to prevent any attacks, even if this "somebody else"
communicates these numbers to an assumed attacker? (Do not assume that
you can use e.g. the Pentium time stamp register).