On Tue, Oct 18, 2016 at 12:34 PM, Tom Lane wrote:
> Michael Paquier writes:
>> And actually, enabling prngd would need to be controlled by a
>> configure switch as well disabled by default, no?
>
> AFAICT, openssl has no configuration options
Michael Paquier writes:
> And actually, enabling prngd would need to be controlled by a
> configure switch as well disabled by default, no?
AFAICT, openssl has no configuration options related to prngd; they
seem to be able to use it automatically when /dev/[u]random
On Tue, Oct 18, 2016 at 5:35 AM, Tom Lane wrote:
> If we want it to fail, and don't want to retire pademelon, there are
> multiple ways we could get to that goal:
>
> * Enable --with-openssl in pademelon's build (don't really want to do
> this, since I believe almost all the
Robert Haas writes:
> On Mon, Oct 17, 2016 at 1:48 PM, Heikki Linnakangas wrote:
>> I'm going to try implementing prngd support. It seems easy enough, and prngd
>> can be run on modern systems too, which is important for testing it.
> TBH, if pandemolon
On Mon, Oct 17, 2016 at 1:48 PM, Heikki Linnakangas wrote:
> I'm going to try implementing prngd support. It seems easy enough, and prngd
> can be run on modern systems too, which is important for testing it.
TBH, if pandemolon is the only system in the BF that doesn't have any
On Mon, Oct 17, 2016 at 2:14 PM, Tom Lane wrote:
> But in general, I think that being this picky about cancel keys on systems
> that are too old to have /dev/random is not really helpful to anybody.
> I don't recall any reports of anyone ever having a DOS situation from
> weak
Heikki Linnakangas writes:
> I'm going to try implementing prngd support. It seems easy enough, and
> prngd can be run on modern systems too, which is important for testing it.
OK, if you feel like doing the work. However:
> In addition to that, I'm going to see if we can
On 10/17/2016 06:21 PM, Tom Lane wrote:
Heikki Linnakangas writes:
On 10/17/2016 05:50 PM, Tom Lane wrote:
The real issue here is whether we are willing to say that
Postgres simply does not work anymore on machines without standard entropy
sources. Doesn't matter whether the
* Heikki Linnakangas (hlinn...@iki.fi) wrote:
> On 10/17/2016 05:50 PM, Tom Lane wrote:
> >Heikki Linnakangas writes:
> >>Replace PostmasterRandom() with a stronger way of generating randomness.
> >
> >This patch broke padmeleon:
> >
> >016-10-17 09:57:17.782 EDT
On 10/17/2016 05:50 PM, Tom Lane wrote:
Heikki Linnakangas writes:
Replace PostmasterRandom() with a stronger way of generating randomness.
This patch broke padmeleon:
016-10-17 09:57:17.782 EDT [5804d8bd.57c2:1] LOG: database system was shut
down at 2016-10-17
10 matches
Mail list logo