[Security-sig] Can /dev/urandom ever revert from the "good" to the "bad" state?

Guido van Rossum guido at python.org
Wed Jun 22 22:29:33 EDT 2016


On Wed, Jun 22, 2016 at 7:18 PM, Donald Stufft <donald at stufft.io> wrote:

>
> On Jun 22, 2016, at 10:15 PM, Guido van Rossum <guido at python.org> wrote:
>
> Before I can possibly start thinking about what to do when the system's
> CSPRNG is initialized, I need to understand more about how it works.
> Apparently there's a possible transition from the "not ready yet" ("bad")
> state to "ready" ("good"), and all it takes is usually waiting for a second
> or two. But is this a wait that only gets incurred once, somewhere early
> after a boot, or is this something that can happen at any time?
>
>
>
> Once, only after boot. On most (all?) modern Linux systems there’s even
> part of the boot process that attempts to seed the CSPRNG using random
> values stored during a previous boot to shorten the time window between
> when it’s ready and when it’s not yet initialized. However, once it is
> initialized it will never block (or EAGAIN) again.
>

Then shouldn't it be the responsibility of the boot sequence rather than of
the Python stdlib to wait for that event? IIUC that's what OS X does (I
think someone described that it even kernel-panics when it can't enter the
"good" state).

-- 
--Guido van Rossum (python.org/~guido)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/security-sig/attachments/20160622/54bd727c/attachment.html>


More information about the Security-SIG mailing list