by lihes 2973 days ago
man urandom

> When read during early boot time, /dev/urandom may return data prior to the entropy pool being initialized.

I see no bugs here. Just repeating what is written in the man page.

3 comments

If you continue to the next sentence in that man page:

> If this is of concern in your application, use getrandom(2) or /dev/random instead.

These bugs affect getrandom too.

Where is it written? Could you pinpoint it? I see urandom everywhere.

I got it from this part, unless I'm misreading:

> Multiple callers, including sys_getrandom(..., flags=0), attempt to wait for the
> RNG to become cryptographically safe before reading from it by checking for
> crng_ready() and waiting if necessary. However, crng_ready() only checks for
> `crng_init > 0`, and `crng_init==1` does not imply that the RNG is
> cryptographically safe.

Please don't post shallow dismissals.

None of the reported bugs are about /dev/urandom returning data too early.

Keep in mind that a lot of high-profile security people on HN and elsewhere have spent many years now telling everybody that the Linux urandom man page is wrong, so don't be surprised when people ignore it.

https://hn.algolia.com/?query=urandom%20manpage&sort=byPopul...