Why almost every command is trying to read urandom?

Mauro Condarelli mc5686 at mclink.it
Tue Nov 12 21:43:28 UTC 2019



On 11/12/19 10:12 PM, Michael Conrad wrote:
> I hadn't noticed before, but I just checked and my busybox 1.11 is
> doing this (reading /dev/urandom on every single applet startup) but I
> have a later busybox 1.30 which does not. 
I'm currently using busybox-1.31.0

>    strace busybox echo 2>&1 | grep rand
I don't have strace in my current build; I'll try it ASAP.

> /dev/random needs to “collect entropy” from unpredictable things like 
This is actually an embedded system and, while it has things like
ssh/sshd for maintenance, it doesn't really need any "cryptographic
security".

> For one of the copies of busybox I have on hand, it appears that it
> initializes srand() at the startup of every single applet.
>
What's the rationale for that?
Why should things like "ls" need srand()?

> I don't see a reference to /dev/urandom in the current busybox source
> that would have this effect, so either busybox fixed it, or the
> behavior was coming from a particular libc used to build busybox.  My
> busybox with that behavior is statically linked, and I don't recall
> which libc it was.  Since you just got yours out of a Buildroot, you
> should be able to investigate that easier.
>
I have a reasonably recent Buildroot toolchain
(mipsel-buildroot-linux-uclibc-cc.br_real (Buildroot
2019.11-git-01046-g084c788231-dirty) 8.3.0).
I'll try to investigate.

Question: is that supposed to be a "harmless warning" or it's the tip of
an iceberg?
>
> -Mike
>
Thanks.
Mauro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/busybox/attachments/20191112/8106004f/attachment.html>


More information about the busybox mailing list