-
-
Notifications
You must be signed in to change notification settings - Fork 11.1k
Closed
Labels
triaged: featureThe issue/pr requests/adds a featureThe issue/pr requests/adds a feature
Milestone
Description
This is a follow on from #4328
The current entropy gathering scheme is to attempt configured sources in order and to short circuit the remainder once the requested entropy have been gathered. This has both advantages and disadvantages. The main culprit is in rand_unix.c due to the necessary flexibility present.
- Multiple sources are better from a security viewpoint.
- We allow the user to configure multiple sources.
- By specifying a source the user is indicating that they trust the source, we shouldn't attempt to second guess this.
- Some sources are blocking, should they still block if the requested entropy has already been gathered?
How can we provide the user with finer control over the entropy gathering?
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
triaged: featureThe issue/pr requests/adds a featureThe issue/pr requests/adds a feature