2.4.7: random.c - potential security problem

From: Ulrich Windl (Ulrich.Windl@rz.uni-regensburg.de)
Date: Fri Aug 10 2001 - 00:53:04 EST

Next message: Linus Torvalds: "Re: Some dbench 32 results for 2.4.8-pre8, 2.4.7-ac10, and 2.4.7"
Previous message: Steven Cole: "Some dbench 32 results for 2.4.8-pre8, 2.4.7-ac10, and 2.4.7"
Next in thread: Ulrich Windl: "Re: 2.4.7: random.c - potential security problem"
Maybe reply: Ulrich Windl: "Re: 2.4.7: random.c - potential security problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

maybe some of you find this interesting: Yesterday I was grepping for
some variable in the source tree when I ended up in
drivers/char/random.c. There I noticed that the driver uses wall time
to re-seed the TCP sequence numbers for example. This means that no re-
seeding takes place if the clock is set back a significant amount of
time, e.g. if the CMOS clock failed or was completely off.

I don't know if the problem is severe, but I thought I tell you.

Regards,
Ulrich
P.S. Not subscribed to this list

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Linus Torvalds: "Re: Some dbench 32 results for 2.4.8-pre8, 2.4.7-ac10, and 2.4.7"
Previous message: Steven Cole: "Some dbench 32 results for 2.4.8-pre8, 2.4.7-ac10, and 2.4.7"
Next in thread: Ulrich Windl: "Re: 2.4.7: random.c - potential security problem"
Maybe reply: Ulrich Windl: "Re: 2.4.7: random.c - potential security problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Aug 15 2001 - 21:00:32 EST