Re: monitoring entropy

H. Peter Anvin (hpa@transmeta.com)
Tue, 14 Oct 1997 13:21:38 -0700 (PDT)


> > True, although that only gives you a single bit of information, not
> > the entire queue depth.
>
> I don't see how that makes a difference. Either /dev/urandom
> is providing entropic bytes, or it isn't.

Well, that is true; and I guess if you wanted to you could drain the
queue by doing nonblocking reads on /dev/random. Hence it probably
*wouldn't* be an (additional) security hole (except the covert
channel, but Linux makes no attempt at eliminating covert channels --
it provides IPC instead :) to allow anyone to read the entropy pool
size.

-hpa