On Fri, 4 Jan 2008 15:39, [EMAIL PROTECTED] said: > You mean the problem where one client requests a lot of randomness, > which would hurt the randomness received by other clients?
Right. Though the IPC mechanims allows for several concurrent requests, the hear of the RNG serializes everything. > Maybe we could simply punt on that problem. The /dev/*random devices > have the same problem, doesn't it? Yes /dev/random has the same property. > Another solution, how about to refuse to give out entropy to processes > not listed in a world-readable but root-writable file > /etc/libgcryptd.conf file? Well it is experimental and I had similar ideas. If I remember right I implemented the daemon thing when we first talked about the exim problem or to help other short-living processes. Salam-Shalom, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
