On Sun, May 31, 2020 at 7:23 AM Bruno Haible <br...@clisp.org> wrote: > > ... > 3) There is the question whether getrandom() should be based on module > crypto/gc-random. That is, whether the configure script should accept an > option --with-libgcrypt, in order to use libgcrypt when available. > I think the answer is "no", for two reasons: > * Would we want to override the glibc function getrandom() with an > implementation that requires an external library? Most likely no. > * I think libgcrypt is for programs that have strong cryptographic > needs, such as gpg or ssh-keygen. For most other programs, the system- > provided /dev/random should be enough.
/dev/random should no longer be used on Linux. See https://lkml.org/lkml/2017/7/20/993. Jeff