On Fri, Nov 15 2024, Mark Kettenis <mark.kette...@xs4all.nl> wrote:

>>
>> Or use getrandom(), which according to the man page has been exposed via
>> glibc since glibc 2.25. Or just read from /dev/urandom which should work
>> everywhere.
>
> $ man getrandom
> man: No entry for getrandom in the manual.

I assume this is intended to inform me that getrandom() doesn't exist on *BSD?

As I said, reading from /dev/urandom is probably better as that also works on BSDs automatically. If somebody tries to do crypto stuff in an environment where they've removed such a basic device node, they get to keep both pieces (i.e. the code should just fail)

Rasmus