[Pkg-nagios-devel] Bug#660585: nagios-nrpe-server: again use secure RNG
Christoph Anton Mitterer
calestyo at scientia.net
Mon Feb 20 02:21:21 UTC 2012
To be fair enough I should probably add:
The original use of /dev/urandom seems to not the safest either.
It get's just 8 bit of entropy... not sure whether this is already
enough as initial seed; maybe it actually (I'm not a crypto expert).
But I do know, that things like PID, PPID, time and that like are highly
predictive.
Best wishes,
Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5677 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-nagios-devel/attachments/20120220/84c85f3e/attachment.bin>
More information about the Pkg-nagios-devel
mailing list