libc6: fread(buf, 1, 1) from urandom consumes 4096 bytes of entropy
Philipp Marek
philipp.marek at linbit.com
Wed Aug 3 11:04:46 UTC 2011
Hello Jonathan!
On Wednesday 03 August 2011, Jonathan Nieder wrote:
> Philipp Marek wrote:
> > I think that on sockets, pipes, character devices, and similar there
> > should be _no_ readahead.
>
> On the contrary, on sockets and pipes, readahead is very useful.
> Luckily buffering there works a little closer to what you would expect
> --- read() returns early with what is available and fgetc happily
> makes use of the result without reading again.
Sorry, I did not make myself clear.
If there are multiple programs accessing the handle it's _vital_ for
sockets, cdevs and pipes that only the needed amount is read; files and
block devices can be seek()ed, but data read from one stream is _lost_ for
everybody else!
Think about a process reading authentication information, then starting a
different program for handling the stream (authenticated inetd, if you
like); if the fread() got more than just the authentication information, the
other process will not get the handshake!
I believe that fgetc() and fgets() shouldn't do prefetching on file handles
with "volatile" data.
> So I agree with Petr on this one. How about this patch? It will also
> help on every other unix supporting /dev/random I know of.
Well, ECL is fixed in that a different fix is already in git, but thank you
nonetheless!
More information about the pkg-common-lisp-devel
mailing list