- From: Glenn Maynard <glenn@zewt.org>
- Date: Sat, 5 Feb 2011 23:21:43 -0500
On Sat, Feb 5, 2011 at 11:07 PM, Cedric Vivier <cedricv at neonux.com> wrote:
> read(FD("/dev/random"), PTR(arraybufferview->data),
> arraybufferview->byteLength)
>
More accurately, /dev/urandom, since this is a synchronous API that
shouldn't block. This should be made explicit if this gets specced.
I thought about suggesting a /dev/random-like interface earlier--one which
reads from a real, blocking entropy source (like /dev/random) with an async
API. However, on examination /dev/urandom is apparently good enough even
for ssh-keygen, so I'm guessing that's unnecessary. (It could also cause
other problems, eg. allowing webpages to flush a user's kernel's entropy
buffer and causing separate pages to compete for entropy data.)
--
Glenn Maynard
Received on Saturday, 5 February 2011 20:21:43 UTC