In order to clear the entropy count when using linux's /dev/random through the system call ioctl (RNDCLEARPOOL), the caller must have root privilege (according to this: http://ift.tt/1LRPRAS). Why is it necessary to prevent user space applications from being able to clear the entropy count?
Aucun commentaire:
Enregistrer un commentaire