[Dovecot] random pool depletion
Timo Sirainen
tss at iki.fi
Fri Dec 31 00:18:03 EET 2004
On Thu, 2004-12-30 at 13:54 +0100, Johannes Berg wrote:
> I'm facing a problem with dovecot 1.0 test-59; ever since I installed it
> and use it my random pool is always depleted whenever someone opens an
> imap connection. This wouldn't be too bad if the machine was used
> interactively, but since it is not and other services read directly from
> /dev/random those are sometimes blocked due to dovecot depleting the
> pool by reading /dev/urandom.
I thought /dev/urandom didn't affect /dev/random? Guess I was wrong. Or
is this Linux?
> Thus my question: is it really necessary to use random numbers from
> /dev/urandom for temporary filenames? And even if, couldn't it use less?
> It apparently uses 8 bytes every time.
I guess I could add random_weak_fill() function which they use, which
would basically call just rand().
Other things that use randomness are non-plaintext authentication
mechanisms, maybe most importantly APOP, which if enabled reads 16 bytes
for every POP3 login even if it's not using APOP.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://dovecot.org/pipermail/dovecot/attachments/20041231/878a182a/attachment-0001.bin>
More information about the dovecot
mailing list