Date: Tue, 15 Nov 2011 04:44:43 +0400 From: Andrey Chernov <ache@freebsd.org> To: das@freebsd.org, current@freebsd.org, secteam@freebsd.org Subject: Re: Is fork() hook ever possible? Message-ID: <20111115004443.GA50429@vniz.net> In-Reply-To: <20111114230855.GA59545@zim.MIT.EDU> References: <20080916140319.GA34447@nagual.pp.ru> <20080916201932.GA59781@zim.MIT.EDU> <20111112102241.GA75396@vniz.net> <20111112154135.GA21512@zim.MIT.EDU> <20111112171531.GA83419@vniz.net> <20111114013004.GA53392@zim.MIT.EDU> <20111114192721.GA16834@vniz.net> <20111114205855.GB58790@zim.MIT.EDU> <20111114212926.GA28783@vniz.net> <20111114230855.GA59545@zim.MIT.EDU>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Nov 14, 2011 at 06:08:55PM -0500, David Schultz wrote: > Not quite. OpenBSD's implementation is more careful. I just > noticed a funny thing about FreeBSD's KERN_ARND sysctl: If the > random device isn't (or can't be) loaded, KERN_ARND silently > decides to initialize itself with the output of random(). This > means that whatever minuscule amount of entropy it might have > picked up from the clock is reduced to a maximum of 31 bits. > That's a fantastic way to provide a false sense of security... I agree. Lets separate two things: "no /dev/random for jails" and "no random kernel module is loaded". IMHO kernel module should _not_ be optional anymore, it solves problem you describe and all similar problems at once. Adding KERN_ARND to arc4random() at this moment solves "no /dev/random for jails" problem alone and _not_ pretends to solve "no random kernel module is loaded" problem. When random kernel module will become non-optional, KERN_ARND automagically makes good security in that place too. P.S. Do I answer your doubts about &rdat key initialization in my prev. posting? -- http://ache.vniz.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20111115004443.GA50429>