On Mon, Dec 18, 2000 at 04:33:13PM -0500, Theodore Y. Ts'o wrote: > Note that writing to /dev/random does *not* update the entropy estimate, > for this very reason. The assumption is that inputs to the entropy > estimator have to be trusted, and since /dev/random is typically > world-writeable, it is not so trusted. It should not be world-writeable, IMHO. So the only one who can feed entropy there is root, who should know aht (s)he's doing ... Here (SuSE Linux 7.x), it is 644: crw-r--r-- 1 root root 1, 8 Dec 17 22:41 /dev/random crw-r--r-- 1 root root 1, 9 Dec 17 22:41 /dev/urandom Regards, -- Kurt Garloff <[EMAIL PROTECTED]> Eindhoven, NL GPG key: See mail header, key servers Linux kernel development SuSE GmbH, Nuernberg, FRG SCSI, Security
PGP signature- /dev/random: really secure? Karel Kulhavy
- RE: /dev/random: really secure? David Schwartz
- Re: /dev/random: really secure? Karel Kulhavy
- Re: /dev/random: really secure? David Feuer
- Re: /dev/random: really secure? Jamie Lokier
- Re: /dev/random: really secure? Theodore Y. Ts'o
- Re: /dev/random: really secure? Andreas Dilger
- Re: /dev/random: really secure? Daniel Stone
- Re: /dev/random: really secure? Kurt Garloff
- Re: /dev/random: really secure? Peter Samuelson
- Re: /dev/random: really secure? Theodore Y. Ts'o
- Re: /dev/random: really secure? Pavel Machek
- RE: /dev/random: really secure? David Schwartz
- Re: /dev/random: really secure? Martin Mares
- Re: /dev/random: really secure? Philipp Rumpf
- Re: /dev/random: really secure? Bernd Eckenfels
- Re: /dev/random: really secure? Jamie Lokier
- Re: /dev/random: really secure? Bernd Eckenfels
