Date: Tue, 24 Dec 2013 15:26:06 -0800 From: Paul Hoffman <phoffman@proper.com> To: d@delphij.net Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>, FreeBSD Current <freebsd-current@freebsd.org>, Pawel Jakub Dawidek <pjd@FreeBSD.org> Subject: Re: [PATCH RFC] Disable save-entropy in jails Message-ID: <A84590F3-3B6D-4D6F-AF4C-F261C82B88AF@proper.com> In-Reply-To: <52BA1065.6000403@delphij.net> References: <52B9F232.1090002@delphij.net> <278988C7-1749-413D-A5E2-ABE6753B3766@proper.com> <52BA1065.6000403@delphij.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 24, 2013, at 2:53 PM, Xin Li <delphij@delphij.net> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 12/24/13 14:36, Paul Hoffman wrote: >> On Dec 24, 2013, at 12:44 PM, Xin Li <delphij@delphij.net> wrote: >> >>> I think we shouldn't save entropy inside jails, as the data is >>> not going to be used by rc script (pjd@126744). If there is no >>> objections, I will commit this changeset on January 1, 2014. >> >> Even if it is not used by an rc script, it might be used by some >> userland program (running as root, of course) that knows about the >> directory and wants some fresh entropy for its own use. > > Why a userland application would want to use these? Would you mind > elaborating what kind of use that would be? I don't have a specific application in mind, and certainly not one for a jail. However, I'm not sure what the value in removing a feature for a jail if we don't know if anyone is using that feature. Thus, my question. > My understanding is that the saved entropy is used for bootstraping > the system only: any applications that wants good random numbers > should just use /dev/random because relying on something saved on disk > is the worst way for someone who wants more entropy. Quite true. Note, however, that we don't delete the saved entropy after booting and add it just before shutdown: we leave it there for some reason. I'm not sure why a jail is so different of an environment that it should be treated differently than a normal (non-jail) environment. Maybe there is a reason, but I'm not seeing it. >> Is there a problem with saving the directory in jails? It >> certainly isn't taking up much space. > > No, it's not about space. What I am concerned is that it may have > wasted entropy: each time (every */11 minute) the system would get > 2048 bytes out from /dev/random per jail. This deterministic behavior > may trigger reseeds earlier than wanted. I did not understand this. What changes in the system does removing /var/db/entropy cause? (If this is answered in a longer article, a pointer to it would be useful to me (and maybe others).) --Paul Hoffman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?A84590F3-3B6D-4D6F-AF4C-F261C82B88AF>