I’ve got mixed feelings about this development.
On one hand, it’s great that POSIX may get something to help portable cryptographic randomness along.
On the other hand, getentropy() is probably the wrong approach. Its name at least implies that it’s meant to seed user-space random number generators; user-space random number generators inherently suffer from not being able to benefit from the kernel’s common entropy pool. getentropy() has size limits. It can fail. OpenBSD and Linux both specify an EIO for “some other fatal error” or “an unspecified error occurred”, respectively. Standardizing the existing and somewhat widespread arc4random() interface may have proven more helpful for application developers.
Note that arc4random was proposed for POSIX. Read the discussion.
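
The size limit and failure mode mentioned above mean callers have to wrap getentropy() themselves. The following is an added example, not code from the original post or from any libc; `fill_entropy` and `oversize_errno` are hypothetical names, and it assumes a libc that declares getentropy() in `<sys/random.h>` or `<unistd.h>`.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/random.h> /* declares getentropy() on glibc and macOS */
#include <unistd.h>     /* declares getentropy() on OpenBSD and musl */

/* Per-call limit documented in the OpenBSD and Linux man pages. */
#define ENTROPY_CHUNK_MAX 256

/* Hypothetical helper: fill buf with len bytes, chunking around the limit.
 * Returns 0 on success, -1 on failure with errno left as getentropy() set it.
 * On failure the buffer contents must not be used. */
int fill_entropy(void *buf, size_t len)
{
    unsigned char *p = buf;

    while (len > 0) {
        size_t n = len < ENTROPY_CHUNK_MAX ? len : ENTROPY_CHUNK_MAX;
        if (getentropy(p, n) != 0)
            return -1;
        p += n;
        len -= n;
    }
    return 0;
}

/* Hypothetical probe: errno from a single request one byte over the limit. */
int oversize_errno(void)
{
    unsigned char buf[ENTROPY_CHUNK_MAX + 1];

    errno = 0;
    return getentropy(buf, sizeof buf) == 0 ? 0 : errno;
}

int main(void)
{
    unsigned char key[32];

    if (fill_entropy(key, sizeof key) != 0) {
        perror("getentropy"); /* no safe fallback: refuse to continue */
        return 1;
    }
    for (size_t i = 0; i < sizeof key; i++)
        printf("%02x", key[i]);
    putchar('\n');
    return 0;
}
```

By contrast, arc4random_buf() returns void and accepts any length, so neither the chunking loop nor the error path exists for its callers.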