On Sun, Jun 25, 2006 at 10:59:33AM +0300, Ami Chayun wrote:
> This is an extremely bad move. 'Headless' servers with no keyboard and mouse > have very few ways to create random entropy. Since the server in question is > a web server, it both generates little amount of entropy via disk events, and > it requires a lot of random entropy due to SSL. The theory behind disabling entropy gathering from network sources is that those can be affected (controlled?) by an attacker. There was a long thread about this recently on lkml, see thread starting at http://marc.theaimsgroup.com/?l=linux-kernel&m=114684809230875&w=2 for both sides of the argument. Cheers, Muli ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
