bug#23605: /dev/urandom not seeded across reboots

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#23605: /dev/urandom not seeded across reboots

From:	Leo Famulari
Subject:	bug#23605: /dev/urandom not seeded across reboots
Date:	Fri, 27 May 2016 21:12:01 -0400
User-agent:	Mutt/1.6.0 (2016-04-01)

On Tue, May 24, 2016 at 02:24:59PM +0200, Ludovic Courtès wrote:
> Leo Famulari <address@hidden> skribis:
> 
> > I realized that we don't seem to be saving any of the entropy in the
> > kernel's random pool [0] across reboots.
> >
> > This means that for some period after boot, /dev/urandom may not be safe
> > to use. From random(4):
> 
> Good catch!
> 
> Some comments:
> 
> > +(define %urandom-seed-activation
> > +  ;; Activation gexp for the urandom seed
> > +  #~(begin
> > +      (use-modules (guix build utils))
> > +
> > +      (mkdir-p "/var/run")
> > +      (close-port (open-file "/var/run/urandom-seed" "a0b"))
> 
> Or simply ‘open-output-file’.

I don't see a way to use (open-output-file) in "append" mode as with
(open-file).  Without that, the file is cleared before it is read in the
following lines.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#23605: /dev/urandom not seeded across reboots, (continued)
- bug#23605: /dev/urandom not seeded across reboots, Leo Famulari, 2016/05/27
  - bug#23605: /dev/urandom not seeded across reboots, Ben Woodcroft, 2016/05/27
    - bug#23605: /dev/urandom not seeded across reboots, Leo Famulari, 2016/05/27
    - bug#23605: /dev/urandom not seeded across reboots, Ben Woodcroft, 2016/05/28

Prev by Date: bug#23605: /dev/urandom not seeded across reboots
Next by Date: bug#23605: /dev/urandom not seeded across reboots
Previous by thread: bug#23605: /dev/urandom not seeded across reboots
Next by thread: bug#23605: /dev/urandom not seeded across reboots
Index(es):
- Date
- Thread