---
- branch: MAIN
  date: Fri Jun 30 21:42:29 UTC 2023
  files:
  - new: '1.130'
    old: '1.129'
    path: src/etc/security
    pathrev: src/etc/security@1.130
    type: modified
  id: 20230630T214229Z.47830e6d5ad37b482e00f12c247c197e2660f2c3
  log: |
    security(5): Check kern.entropy.needed for confident entropy.

    Don't test whether a non-blocking read from /dev/random would return
    data.

    For the sake of availability, /dev/random will unblock based on sources
    like timer interrupts, which we can't confidently assert anything about
    the actual unpredictability of.

    Here, the goal is to highlight systems that have neither obtained
    entropy from an HWRNG with a confident entropy assessment, nor been
    seeded from a source the operator knows about.

    XXX pullup-10
  module: src
  subject: 'CVS commit: src/etc'
  unixtime: '1688161349'
  user: riastradh