From owner-freebsd-security@FreeBSD.ORG Tue Dec 24 23:38:00 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 781C96E2; Tue, 24 Dec 2013 23:38:00 +0000 (UTC) Received: from h2.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4CC8719EB; Tue, 24 Dec 2013 23:37:59 +0000 (UTC) Received: from h2.funkthat.com (localhost [127.0.0.1]) by h2.funkthat.com (8.14.3/8.14.3) with ESMTP id rBONbmYE047167 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 24 Dec 2013 15:37:49 -0800 (PST) (envelope-from jmg@h2.funkthat.com) Received: (from jmg@localhost) by h2.funkthat.com (8.14.3/8.14.3/Submit) id rBONbmbD047166; Tue, 24 Dec 2013 15:37:48 -0800 (PST) (envelope-from jmg) Date: Tue, 24 Dec 2013 15:37:48 -0800 From: John-Mark Gurney To: Paul Hoffman Subject: Re: [PATCH RFC] Disable save-entropy in jails Message-ID: <20131224233748.GA99167@funkthat.com> Mail-Followup-To: Paul Hoffman , d@delphij.net, "freebsd-security@freebsd.org" , FreeBSD Current , Pawel Jakub Dawidek References: <52B9F232.1090002@delphij.net> <278988C7-1749-413D-A5E2-ABE6753B3766@proper.com> <52BA1065.6000403@delphij.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.3i X-Operating-System: FreeBSD 7.2-RELEASE i386 X-PGP-Fingerprint: 54BA 873B 6515 3F10 9E88 9322 9CB1 8F74 6D3F A396 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.2 (h2.funkthat.com [127.0.0.1]); Tue, 24 Dec 2013 15:37:49 -0800 (PST) Cc: "freebsd-security@freebsd.org" , FreeBSD Current , d@delphij.net, Pawel Jakub Dawidek X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Dec 2013 23:38:00 -0000 Paul Hoffman wrote this message on Tue, Dec 24, 2013 at 15:26 -0800: > On Dec 24, 2013, at 2:53 PM, Xin Li wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA512 > > > > On 12/24/13 14:36, Paul Hoffman wrote: > >> On Dec 24, 2013, at 12:44 PM, Xin Li wrote: > >> > >>> I think we shouldn't save entropy inside jails, as the data is > >>> not going to be used by rc script (pjd@126744). If there is no > >>> objections, I will commit this changeset on January 1, 2014. > >> > >> Even if it is not used by an rc script, it might be used by some > >> userland program (running as root, of course) that knows about the > >> directory and wants some fresh entropy for its own use. > > > > Why a userland application would want to use these? Would you mind > > elaborating what kind of use that would be? > > I don't have a specific application in mind, and certainly not one for a jail. However, I'm not sure what the value in removing a feature for a jail if we don't know if anyone is using that feature. Thus, my question. Technically we couldn't fix any odd behavior in the system if we used this as a test... Oh, I don't know if anyone is depending upon this non-standard behavior of , guess we can't fix it... If someone depends upon this behavior, they probably already knew enough about the system to figure out what went wrong in the first place... > > My understanding is that the saved entropy is used for bootstraping > > the system only: any applications that wants good random numbers > > should just use /dev/random because relying on something saved on disk > > is the worst way for someone who wants more entropy. > > Quite true. Note, however, that we don't delete the saved entropy after booting and add it just before shutdown: we leave it there for some reason. I'm not sure why a jail is so different of an environment that it should be treated differently than a normal (non-jail) environment. Maybe there is a reason, but I'm not seeing it. There is a reason to keep the file around. If you don't shutdown your system cleanly, at least you have entropy from the last boot, instead of a minimal amount... > >> Is there a problem with saving the directory in jails? It > >> certainly isn't taking up much space. > > > > No, it's not about space. What I am concerned is that it may have > > wasted entropy: each time (every */11 minute) the system would get > > 2048 bytes out from /dev/random per jail. This deterministic behavior > > may trigger reseeds earlier than wanted. > > I did not understand this. What changes in the system does removing /var/db/entropy cause? (If this is answered in a longer article, a pointer to it would be useful to me (and maybe others).) Basicly we don't drain the entropy pool as quickly, leaving better entropy in the system, and preventing an attacker from not having to do as much work controlling external inputs to the system to possibly attack the pool... My vote to remove it. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."