Re: short read from /dev/urandom

From: Ulrich Drepper
Date: Fri Jan 14 2005 - 01:55:38 EST

Next message: Matt Mackall: "Re: [PATCH] [request for inclusion] Realtime LSM"
Previous message: Willy Tarreau: "Re: propolice support for linux"
In reply to: David Wagner: "Re: short read from /dev/urandom"
Next in thread: David Wagner: "Re: short read from /dev/urandom"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 14 Jan 2005 05:56:41 +0000 (UTC), David Wagner
<daw@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:

> True. Arguably, the solution is to fix the documentation.

The problem is that no-short-reads behavior has been documented for a
long time and so programs might, correctly so, use

while (read(fd, buf, sizeof buf) == -1)
continue;

Image a program doing this. It provides the possibility for a local
attack. If one can determine the content of the to-be-filled buffer
before the 'read', then an attacker could limit the randomness in the
buffer after the read by sending signals to the program.

Not breaking the ABI is more important than symmetry.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Matt Mackall: "Re: [PATCH] [request for inclusion] Realtime LSM"
Previous message: Willy Tarreau: "Re: propolice support for linux"
In reply to: David Wagner: "Re: short read from /dev/urandom"
Next in thread: David Wagner: "Re: short read from /dev/urandom"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]