Hacker News
by throway_zwudbo 1589 days ago
> Applications trust /dev/urandom to be secure.

That is decidedly not true. /dev/urandom is not guaranteed to be secure upon boot before enough entropy is gathered by the system, but it is guaranteed to not block indefinitely. The patch changes this contract by making /dev/urandom guaranteed secure and maybe block indefinitely if some unlikely edge case is encountered.
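Added example, not part of the comment or of the patch it discusses: a Linux application that wants the "secure or fail" behaviour without the indefinite block can call getrandom(2) with GRND_NONBLOCK, which returns EAGAIN while the kernel pool is still unseeded instead of handing back early-boot output. The helper name `fill_random` and its return codes are assumptions made for this sketch.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/random.h>
#include <sys/types.h>

/* Return codes for fill_random() (names are illustrative). */
enum { RNG_OK = 0, RNG_NOT_SEEDED = 1, RNG_ERROR = -1 };

/*
 * Fill buf with len bytes from the kernel CSPRNG without ever blocking.
 * A plain read() on /dev/urandom cannot tell the caller that the pool is
 * unseeded; getrandom() with GRND_NONBLOCK reports that state as EAGAIN.
 */
int fill_random(unsigned char *buf, size_t len)
{
    size_t off = 0;

    while (off < len) {
        ssize_t n = getrandom(buf + off, len - off, GRND_NONBLOCK);
        if (n < 0) {
            if (errno == EINTR)
                continue;               /* interrupted by a signal: retry */
            if (errno == EAGAIN)
                return RNG_NOT_SEEDED;  /* pool not initialized yet */
            return RNG_ERROR;           /* e.g. ENOSYS on a very old kernel */
        }
        off += (size_t)n;               /* large requests may be partial */
    }
    return RNG_OK;
}

int main(void)
{
    unsigned char key[32];
    int rc = fill_random(key, sizeof key);

    if (rc == RNG_NOT_SEEDED) {
        /* Caller decides: retry later, or refuse to generate the key. */
        fprintf(stderr, "kernel RNG not seeded yet, not generating key\n");
        return 2;
    }
    if (rc != RNG_OK) {
        perror("getrandom");
        return 1;
    }
    puts("32 key bytes obtained from a seeded pool");
    return 0;
}
```

Passing flags of 0 instead of GRND_NONBLOCK makes the same call wait until the pool is initialized, which is the blocking side of the trade-off the comment describes.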