apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cliff Woolley <jwool...@virginia.edu>
Subject Re: apr_generate_random_bytes() blocks forever
Date Tue, 11 Mar 2003 23:18:54 GMT
On Tue, 11 Mar 2003, Ben Collins-Sussman wrote:

> Shouldn't apr_generate_random_bytes() being using /dev/urandom instead?
> According to thom, ./configure picks up 'random' before 'urandom', and
> substitutes whichever it finds first.  I think this is a Bad Thing.
> urandom should be preferred, no? Sander says there was a long thread
> about this, about how people wanted "strong random", but now we're stuck
> with a situation where apr_uuid_get() can block indefinitely...  :-(

There was just such a thread, yes.  I started it, as I recall.  :)  I had
the same initial reaction as you: that urandom should be used before
random.  But there was a strong feeling from various Smart People that
strong security by default was the more important factor.

Here is the thread:
http://marc.theaimsgroup.com/?l=apr-dev&m=102236181107114&w=2

--Cliff

Mime
View raw message