The Darwin man page justifies this behaviour saying:
/dev/urandom is a compatibility nod to Linux. On Linux, /dev/urandom will produce lower quality output if the
entropy pool drains, while /dev/random will prefer to block and wait for additional entropy to be collected. With
Yarrow, this choice and distinction is not necessary, and the two devices behave identically. You may use either.
Yarrow is a fairly resilient algorithm, and is believed to be resistant to non-root. The quality of its output is
however dependent on regular addition of appropriate entropy.