On 02/09/2024 14:21, Fabian Grünbichler wrote:
> IIRC this was intentional, since passing in the hardware RNG can starve the host of entropy rather quickly. is this no longer the case, or handled by some other check? if so, please include these details here. if not, then I don't think we want to go with this patch - but maybe we want to tighten some other code paths instead 😉

Reading from /dev/urandom has never consumed entropy and reading from /dev/random no longer poses a concern since the kernel no longer uses a blocking entropy pool. [1]

The only potential issue might be the starvation of the hardware RNG when /dev/hwrng is used. So we might not want to allow a non-root user to configure /dev/hwrng, but letting non-root users configure the other two options (/dev/urandom and /dev/random) seems reasonable.

It might make sense to only allow non-root users to configure /dev/urandom and /dev/random as RNG sources.

[1] https://lwn.net/Articles/808575/