From ba40cbca9650e1ddaa8357c21b5de31cc376c481 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Thu, 23 Jan 2014 02:18:40 +0100 Subject: Ensure urandom entropy is of cryptographic quality. The non-blocking PRNG /dev/urandom doesn't block if it has been seeded enough, sadly (e.g., if the entropy pool is empty). Reading a few bytes from the *blocking* should ensure that "the kernel RNG has [...] reach full entropy at least once, which guarantees cryptographic quality of the rest of the /dev/urandom stream." -- Tor bug #10676 https://trac.torproject.org/projects/tor/ticket/10676 See also urandom(4). --- src/fripost-postinst-udeb/finish-install.d/07fripost | 1 + 1 file changed, 1 insertion(+) (limited to 'src/fripost-postinst-udeb/finish-install.d/07fripost') diff --git a/src/fripost-postinst-udeb/finish-install.d/07fripost b/src/fripost-postinst-udeb/finish-install.d/07fripost index c00e617..5a7cd73 100755 --- a/src/fripost-postinst-udeb/finish-install.d/07fripost +++ b/src/fripost-postinst-udeb/finish-install.d/07fripost @@ -24,6 +24,7 @@ set -ue . /lib/fripost-partman/base.sh import=/cdrom/include +seed_urandom # Update the information below the progress bar. Also, log the argument. progress() { -- cgit v1.2.3