Weird pop3d hang problem (fd blocked?!)

John Alton Tamplin jtampli at
Tue Jun 10 12:32:58 EDT 2003

foobar wrote:

>See word *theoretically* , didn't urandom gather some data from
>network-interfaces too so it may be affected. Nobody knows when it takes
>data from device nr X.
My point was simply before you decide to link random to urandom for the 
sake of Cyrus, you should consider the impact that will have on other 
applications that need random numbers.  If others have access to your 
machine and you are generating private keys, they could exhaust all the 
entropy from /dev/random, read enough of /dev/urandom to determine the 
position in the sequence, and then know what random numbers your key 
generation code used.  Granted, it is far-fetched and a lot of work, but 
when you are building a key that will be used for years and could 
compromise other keys if revealed, it pays to be safe.

>/dev/urandom appeared in solaris since version8 (patch). random's
>device-number is 8 while urandom's is 9. What about if there is
>config-option for this device?
When you build SASL, just define -DDEV_RANDOM=/dev/urandom.

John A. Tamplin                               Unix System Administrator
Emory University, School of Public Health     +1 404/727-9931

More information about the Info-cyrus mailing list