Date: Tue, 24 Dec 2013 15:26:06 -0800 From: Paul Hoffman <phoffman@proper.com> To: d@delphij.net Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>, FreeBSD Current <freebsd-current@freebsd.org>, Pawel Jakub Dawidek <pjd@FreeBSD.org> Subject: Re: [PATCH RFC] Disable save-entropy in jails Message-ID: <A84590F3-3B6D-4D6F-AF4C-F261C82B88AF@proper.com> In-Reply-To: <52BA1065.6000403@delphij.net> References: <52B9F232.1090002@delphij.net> <278988C7-1749-413D-A5E2-ABE6753B3766@proper.com> <52BA1065.6000403@delphij.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 24, 2013, at 2:53 PM, Xin Li <delphij@delphij.net> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 >=20 > On 12/24/13 14:36, Paul Hoffman wrote: >> On Dec 24, 2013, at 12:44 PM, Xin Li <delphij@delphij.net> wrote: >>=20 >>> I think we shouldn't save entropy inside jails, as the data is >>> not going to be used by rc script (pjd@126744). If there is no=20 >>> objections, I will commit this changeset on January 1, 2014. >>=20 >> Even if it is not used by an rc script, it might be used by some=20 >> userland program (running as root, of course) that knows about the=20 >> directory and wants some fresh entropy for its own use. >=20 > Why a userland application would want to use these? Would you mind > elaborating what kind of use that would be? I don't have a specific application in mind, and certainly not one for a = jail. However, I'm not sure what the value in removing a feature for a = jail if we don't know if anyone is using that feature. Thus, my = question. > My understanding is that the saved entropy is used for bootstraping > the system only: any applications that wants good random numbers > should just use /dev/random because relying on something saved on disk > is the worst way for someone who wants more entropy. Quite true. Note, however, that we don't delete the saved entropy after = booting and add it just before shutdown: we leave it there for some = reason. I'm not sure why a jail is so different of an environment that = it should be treated differently than a normal (non-jail) environment. = Maybe there is a reason, but I'm not seeing it. >> Is there a problem with saving the directory in jails? It >> certainly isn't taking up much space. >=20 > No, it's not about space. What I am concerned is that it may have > wasted entropy: each time (every */11 minute) the system would get > 2048 bytes out from /dev/random per jail. This deterministic behavior > may trigger reseeds earlier than wanted. I did not understand this. What changes in the system does removing = /var/db/entropy cause? (If this is answered in a longer article, a = pointer to it would be useful to me (and maybe others).) --Paul Hoffman=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?A84590F3-3B6D-4D6F-AF4C-F261C82B88AF>