Message217281
| Author | neologix |
|---|---|
| Recipients | alex, benjamin.peterson, christian.heimes, dstufft, giampaolo.rodola, janssen, josh.r, ncoghlan, neologix, tshepang |
| Date | 2014-04-27.16:31:43 |
| SpamBayes Score | -1.0 |
| Marked as misclassified | Yes |
| Message-id | <1398616303.68.0.514450011947.issue21305@psf.upfronthosting.co.za> |
| In-reply-to |
| Content | |
|---|---|
Like Antoine, I'm really skeptical about the backport: honestly, this change doesn't bring much in a normal application. To run into the number of open file descriptors limit (so the "scalability" aspect), one would need to have *many* concurrent threads reading from /dev/urandom. For the "performance" aspect, I have a hard time believing that the overhead of the extra open() + close() syscalls is significant in a realistic workload. If reading from /dev/urandom becomes a bottleneck, this means that you're depleting your entropy pool anyway, so you're in for some potential trouble... > There is a reason we don't backport new features! Couldn't agree more. This whole "let's backport security enhancements" sounds scary to me. |
|
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2014-04-27 16:31:43 | neologix | set | recipients: + neologix, ncoghlan, janssen, giampaolo.rodola, christian.heimes, benjamin.peterson, alex, tshepang, dstufft, josh.r |
| 2014-04-27 16:31:43 | neologix | set | messageid: <1398616303.68.0.514450011947.issue21305@psf.upfronthosting.co.za> |
| 2014-04-27 16:31:43 | neologix | link | issue21305 messages |
| 2014-04-27 16:31:43 | neologix | create | |