- It will bail out with an error message and exit(1) if there's a problem with /dev/urandom and /dev/random
- The modulo bias has been replaced with a fancy cast-as-double, then multiply by 1.0/2**31, then multiply by max_value and cast back as int
configure.in should also be changed to get rid of the drand48 check (didn't want to spam patch)
Note that pwgen is a dependency of some other packages that users might not be aware of, such as 'maas-region-controller' and openerp - perhaps a check of the apparmor policy of those packages is needed to make sure access to /dev/urandom wasn't blocked.
Attached is a patch that fixes the bug:
- It will bail out with an error message and exit(1) if there's a problem with /dev/urandom and /dev/random
- The modulo bias has been replaced with a fancy cast-as-double, then multiply by 1.0/2**31, then multiply by max_value and cast back as int
configure.in should also be changed to get rid of the drand48 check (didn't want to spam patch)
Note that pwgen is a dependency of some other packages that users might not be aware of, such as 'maas-region- controller' and openerp - perhaps a check of the apparmor policy of those packages is needed to make sure access to /dev/urandom wasn't blocked.