Re: getrandom and getentropy

To: tech-userlevel%NetBSD.org@localhost
Subject: Re: getrandom and getentropy
From: Joerg Sonnenberger <joerg%bec.de@localhost>
Date: Sun, 10 May 2020 18:23:10 +0200

On Sun, May 10, 2020 at 02:24:00PM +0300, Andreas Gustafsson wrote:
> The getentropy() man pages on OpenBSD, FreeBSD, and Linux all say it
> returns "high-quality" entropy, and do not caution against using it
> for security critical purposes such as key generation, so presumably
> applications do in fact use if for such purposes.  Given that,
> implementing it as getrandom(..., GRND_INSECURE) seems like a bad
> idea.

We don't warn people about unavailable of 127.0.0.1/:: during very early
boot and a number of other issues either. If your application is running
during system initialisation, you are supposed to be somewhat aware of
the limitations in that case.

Joerg

Follow-Ups:
- Re: getrandom and getentropy
  - From: Andreas Gustafsson

References:
- Re: getrandom and getentropy
  - From: nia
- Re: getrandom and getentropy
  - From: Taylor R Campbell
- Re: getrandom and getentropy
  - From: Andreas Gustafsson

Prev by Date: Re: PATCH libatomic
Next by Date: Re: PATCH libatomic
Previous by Thread: Re: getrandom and getentropy
Next by Thread: Re: getrandom and getentropy
Indexes:

Home | Main Index | Thread Index | Old Index