Re: recent sysinst UX changes

To: Mouse <mouse%Rodents-Montreal.ORG@localhost>
Subject: Re: recent sysinst UX changes
From: maya%NetBSD.org@localhost
Date: Mon, 9 Nov 2020 20:49:13 +0000

On Mon, Nov 09, 2020 at 09:53:50AM -0500, Mouse wrote:
> > So: happy to make it more userfriendly, simpler, rephrase messages,
> > whatever needed - but we should not end up with insecure installs.
> 
> Lack of good randomness does not quite equal insecure install.  Warn
> about it, sure, but I think *requiring* randomness is a bad idea.  For
> example, I've been working with recent NetBSD at work, for something
> for which the presence or absence of good random-seed data makes
> absolutely no difference to security.

Unfortunately it leads to surprise failures if programs ever use
/dev/random. If not seeded, reads from it will block forever.
So far we've seen:
- Firefox refusing to start
- Python having problems
And some more things that have been patched not to use /dev/random.

Follow-Ups:
- Re: recent sysinst UX changes
  - From: Vincent DEFERT
- Re: recent sysinst UX changes
  - From: Mouse

References:
- recent sysinst UX changes
  - From: nia
- Re: recent sysinst UX changes
  - From: Martin Husemann
- Re: recent sysinst UX changes
  - From: nia
- Re: recent sysinst UX changes
  - From: Martin Husemann
- Re: recent sysinst UX changes
  - From: Mouse

Prev by Date: Re: recent sysinst UX changes
Next by Date: Re: recent sysinst UX changes
Previous by Thread: Re: recent sysinst UX changes
Next by Thread: Re: recent sysinst UX changes
Indexes:

Home | Main Index | Thread Index | Old Index