On Wed, 2004-04-21 at 04:40, Russell Coker wrote:
On Wed, 21 Apr 2004 12:49, Colin Walters <walters(a)redhat.com>
wrote:
> I presume by the way there's a reason access to random_device_t is was
> originally denied - it prevents users from draining your good entropy by
> generating a ton of keys. On the other hand, if you have GPG installed
Actually when I gave different types to /dev/random and /dev/urandom we just
sorted out which access each program seemed to need. At the time GPG didn't
seem to want /dev/random access. If it wants it then it should get it.
I think it only uses /dev/random when generating keys.
It seems that every desktop, laptop, and PDA shipped in the last few
years has
sound hardware. The microphone that's built in to many machines can be used
as a source of entropy, and even an unconnected line-in if sampled at 16bit
will do reasonably well. There is already policy
for /usr/sbin/audio-entropyd to use this, if we get this packaged then maybe
it would be the best solution to the problem?
That does sound like a cool idea. You can really get data even if
there's no microphone connected?