[Buildroot] [PATCH] move random-seed from /etc to /var/lib
Peter Korsgaard
peter at korsgaard.com
Thu Mar 12 23:12:34 UTC 2015
>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:
> On 03/12/2015 08:01 PM, Peter Korsgaard wrote:
>> But if rootfs is RO, so will /var/lib then?
>>
>> I would rather get rid of the static random_seed file instead. Seeding
>> all Buildroot based devices with a RO rootfs from the same 512 bytes of
>> data can hardly be helpful for security.
>>
>> For a R/W rootfs, why would /var/lib be any better than /etc?
> I'm still planning to revap the random initscript and throw some infra
> there.
> Who says we can't use /etc/default + /etc/config for this? We can tell
> where to write randomness if it's available that way.
> On the project side we can choose if we'll use a per-project (build
> time) random seed or nothing at all, after all we can't know every
> scenario out there.
Ok, but simply doing a git rm system/skeleton/etc/random-seed would be a
good start (and shouldn't cause issues for any of those features).
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list