From owner-freebsd-security@FreeBSD.ORG Wed Dec 25 18:46:16 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D45DE3D6 for ; Wed, 25 Dec 2013 18:46:16 +0000 (UTC) Received: from mail-we0-x232.google.com (mail-we0-x232.google.com [IPv6:2a00:1450:400c:c03::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6A9AB19FA for ; Wed, 25 Dec 2013 18:46:16 +0000 (UTC) Received: by mail-we0-f178.google.com with SMTP id u57so6693786wes.23 for ; Wed, 25 Dec 2013 10:46:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=date:from:to:subject:message-id:in-reply-to:references:mime-version :content-type:content-transfer-encoding; bh=qzcTRr+g9LTJ6DBm8+YrM4GtKdXDF2Zx52BEqUPWUyw=; b=lgbmYqqT8YB/4vW8p02onFNbZkkflr5Hgwg6yWVwNPYBwZZ0gWZeE1IzKsl0eggy+I V17UJ+Be3x4TgZ8bv6ZIlpeovaV4GsQQH5p64JFvHpFeFBw8ySFRTQR4eEd8S6u05uWz TNneTZVHoT3H9Rnt7jvlVpD+94aGxMJYrugTG3bW5f7kw0lntKm4C3fE44q15UZ03kqs 6K76PaHYTzfkQVmHlZ8umP7LAclwSrLx+GfT++Qt1pWWUV20uZvB35BBaTLiU0S+p5Bo XLGsLc8vkWGDJlB+n+LnnXdRm8rzdv6mpPl6eFaAa0yvRevkMelwFCO/eDKD/HKRHZ/W 8igw== X-Received: by 10.180.73.78 with SMTP id j14mr3292420wiv.11.1387997174752; Wed, 25 Dec 2013 10:46:14 -0800 (PST) Received: from gumby.homeunix.com (87-194-105-247.bethere.co.uk. [87.194.105.247]) by mx.google.com with ESMTPSA id cy10sm15224743wjb.6.2013.12.25.10.46.13 for (version=SSLv3 cipher=RC4-SHA bits=128/128); Wed, 25 Dec 2013 10:46:14 -0800 (PST) Date: Wed, 25 Dec 2013 18:46:11 +0000 From: RW To: freebsd-security@freebsd.org Subject: Re: [PATCH RFC] Disable save-entropy in jails Message-ID: <20131225184611.5acbd23e@gumby.homeunix.com> In-Reply-To: <52BA2125.8050404@delphij.net> References: <52B9F232.1090002@delphij.net> <278988C7-1749-413D-A5E2-ABE6753B3766@proper.com> <52BA1065.6000403@delphij.net> <52BA2125.8050404@delphij.net> X-Mailer: Claws Mail 3.9.3 (GTK+ 2.24.22; amd64-portbld-freebsd10.0) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Dec 2013 18:46:16 -0000 On Tue, 24 Dec 2013 16:04:53 -0800 Xin Li wrote: > When reading from /dev/random, one essentially consumes entropy that > is fed into the random device, and eventually it would cause a reseed. Reads don't trigger reseeds in Yarrow. And both Yarrow and Fortuna are designed so this isn't a problem. In any case reads that aren't under the control of an unprivileged attacker make it harder to perform a state-extension attack, not easier. This kind of thing shouldn't be an issue for any non-blocking random device that isn't quite badly broken. If it were, it would be better to fix the device.