From: Pawel Jakub Dawidek
To: Poul-Henning Kamp
Cc: src-committers@FreeBSD.org, "Andrey A. Chernov", cvs-src@FreeBSD.org, cvs-all@FreeBSD.org, freebsd-security@FreeBSD.org, Colin Percival
Date: Sun, 24 Jul 2005 20:19:12 +0200
Subject: Re: cvs commit: src/games/fortune/fortune fortune.c
Message-ID: <20050724181912.GO46538@darkness.comp.waw.pl>
In-Reply-To: <64009.1122213962@phk.freebsd.dk>

On Sun, Jul 24, 2005 at 04:06:02PM +0200, Poul-Henning Kamp wrote:
+> In message <20050724135738.GM46538@darkness.comp.waw.pl>, Pawel Jakub Dawidek writes:
+>
+> >We should probably test entropy quality on boot.
+> >I've somewhere userland version of /sys/dev/rndtest/ which implements
+> >FIPS140-2 tests for (P)RNGs. We can put it into rc.d/ and warn users.
+>
+> We also need to put code into exec(2) to verify that the binary we're about
+> to execute does not suffer from Turing's halting problem (ie: contains no
+> endless loops)
+>
+> We might as well inspect for buffer overflows at the same time.
+>
+> Anyway, back in this universe: We should not stick a lot of stuff into
+> our boot-time scripts, they are slow enough already.

I think such a tool will still be useful (even if not turned on by default),
so one can turn it on when one thinks it's needed:
- on production machines,
- on first start of rc.d/sshd (when your host keys are generated),
- when you need to check if PRNG is the thing which makes your fortune
  not work properly (or instruct the user how to do it easily).
etc.

We (FreeBSD) did a lot of work to have a really good PRNG, so it sucks when
it just doesn't work.

PS. CCing freebsd-security@.

-- 
Pawel Jakub Dawidek http://www.wheel.pl
pjd@FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
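
The FIPS 140-2 checks mentioned in the message above, as an added example (not code from this thread, from rndtest, or from FreeBSD): the monobit, poker, runs and long-run tests applied to one 20,000-bit sample. The names fips_check and FIPS_BYTES, and the choice of /dev/random as the source in main, are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>

#define FIPS_BYTES 2500                 /* one FIPS 140-2 sample: 20,000 bits */
enum { F_MONOBIT = 1, F_POKER = 2, F_RUNS = 4, F_LONGRUN = 8 };

/* Returns 0 if the sample passes all four tests, else a mask of failures. */
int fips_check(const uint8_t *buf)
{
    /* Allowed counts of runs of length 1..5 and 6+, for zeros and ones alike. */
    static const int lo[6] = { 2315, 1114, 527, 240, 103, 103 };
    static const int hi[6] = { 2685, 1386, 723, 384, 209, 209 };
    int ones = 0, nib[16] = { 0 }, runs[2][6] = { { 0 } };
    int fail = 0, cur = -1, len = 0;
    long sq = 0;

    for (int i = 0; i < FIPS_BYTES; i++) {
        nib[buf[i] >> 4]++;             /* poker test: 4-bit value counts */
        nib[buf[i] & 15]++;
        for (int b = 7; b >= 0; b--) {
            int bit = (buf[i] >> b) & 1;
            ones += bit;
            if (bit == cur) { len++; continue; }
            if (cur >= 0) runs[cur][len >= 6 ? 5 : len - 1]++;
            if (len >= 26) fail |= F_LONGRUN;
            cur = bit; len = 1;         /* a new run starts here */
        }
    }
    runs[cur][len >= 6 ? 5 : len - 1]++; /* close the final run */
    if (len >= 26) fail |= F_LONGRUN;
    if (ones <= 9725 || ones >= 10275) fail |= F_MONOBIT;
    for (int i = 0; i < 16; i++) sq += (long)nib[i] * nib[i];
    double x = 16.0 * sq / 5000.0 - 5000.0;   /* poker statistic */
    if (x <= 2.16 || x >= 46.17) fail |= F_POKER;
    for (int v = 0; v < 2; v++)
        for (int k = 0; k < 6; k++)
            if (runs[v][k] < lo[k] || runs[v][k] > hi[k]) fail |= F_RUNS;
    return fail;
}

int main(void)
{
    uint8_t buf[FIPS_BYTES];
    FILE *f = fopen("/dev/random", "rb");     /* assumed source device */
    if (!f || fread(buf, 1, sizeof buf, f) != sizeof buf) return 2;
    fclose(f);
    int fail = fips_check(buf);
    printf("FIPS 140-2 sample: %s (mask 0x%x)\n", fail ? "FAIL" : "pass", fail);
    return fail != 0;
}
```

A healthy generator still fails a single sample occasionally by design, so a boot-time check of the kind discussed here would warn on repeated failures rather than on one.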