> we can't drop the /dev/urandom fallback, it would break too many decade-old kernels
-
> we can't drop the /dev/urandom fallback, it would break too many decade-old kernels
Ok. Fine. But we're getting a seccomp self-executing test that tests the fallback *and* itself and then another test that tests that the fallback runs only under test.
Also the fallback is slow.
(Again multiple hours of work for 21 lines of production change, but I am very happy that there are precisely three new lines in the "most Go programs depend on this for security" code path.)
-
Morten Linderudreplied to Filippo Valsorda :go: last edited by
Slight question as you are copying code from linux, doesn't this "force" the Go compiler to be distributed under the terms of GPLv2?
The license of the copied code is not clearly defined either.
-
Filippo Valsorda :go:replied to Morten Linderud last edited by
@Foxboron aaah the question then is whether APIs are code, since that’s all I copied, and for that I refer you to Google v Oracle.
(But also, if linux-header files trigger the GPL, then nearly all Linux programs are GPL, which sounds unlikely.)
-
Morten Linderudreplied to Filippo Valsorda :go: last edited by
@filippo
Isn't there a difference between linking towards and copying the code over? -
Farce Majeurereplied to Filippo Valsorda :go: last edited by
-
Morten Linderudreplied to Farce Majeure last edited by
-
@filippo I'd start to worry if you added a thousand LoC to go/crypto each day