/dev/random was almost always returning 0 bytes. This was due to several
factors, primarily the fact that the stack smash handler reads 32 bytes from
/dev/urandom every time a program is exec'd, and because /dev/random and
/dev/urandom share the same pool.
involved:
(1) The stack smash handler reads 32 bytes from /dev/urandom every time a
    program is exec'd. This exhausts the pool almost immediately.
(2) /dev/random and /dev/urandom share the same pool, and /dev/urandom is
    called so often that there is never any entropy available for /dev/random.
Give /dev/random and /dev/urandom separate entropy pools and make the entropy
loss calculation less conservative.
Reported-by: David Rhodus
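
The starvation described above can be reproduced with a toy entropy-accounting model. This is an added example, not code from the commit or the kernel: the pool struct, simulate(), the arrival rate and the even split between pools are assumptions, and only the 32-byte read per exec comes from the message. The loss-calculation change is not modelled.

```c
#include <stdio.h>

#define EXEC_READ_BITS (32 * 8) /* from the commit message: 32 bytes per exec */

/* Hypothetical pool: only the entropy estimate matters for this model. */
struct pool { unsigned entropy_bits; };

/* Debit the estimate for a read; returns the bits the estimate could cover. */
static unsigned pool_debit(struct pool *p, unsigned want_bits)
{
    unsigned got = want_bits < p->entropy_bits ? want_bits : p->entropy_bits;
    p->entropy_bits -= got;
    return got;
}

/*
 * Returns the total bytes /dev/random hands out over `ticks` ticks.
 * Each tick (constructed workload): in_bits of entropy arrive, one exec reads
 * /dev/urandom, then a reader asks /dev/random for want_bytes.
 */
unsigned simulate(int separate, unsigned ticks, unsigned in_bits,
                  unsigned want_bytes)
{
    struct pool rnd = {0}, urnd = {0};
    struct pool *u = separate ? &urnd : &rnd; /* pool that urandom debits */
    unsigned total = 0;

    for (unsigned t = 0; t < ticks; t++) {
        if (separate) {             /* assumed: arrivals split evenly */
            rnd.entropy_bits += in_bits / 2;
            urnd.entropy_bits += in_bits - in_bits / 2;
        } else {
            rnd.entropy_bits += in_bits;
        }
        pool_debit(u, EXEC_READ_BITS); /* urandom never blocks, but debits */
        /* /dev/random returns only what the estimate covers, possibly 0 */
        total += pool_debit(&rnd, want_bytes * 8) / 8;
    }
    return total;
}

int main(void)
{
    printf("shared pool:    %u bytes\n", simulate(0, 100, 64, 16));
    printf("separate pools: %u bytes\n", simulate(1, 100, 64, 16));
    return 0;
}
```

With one exec per tick outpacing the arrival rate, the shared pool never leaves anything for /dev/random, while the separate pool delivers whatever its own share of arrivals covers.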