Re: short read from /dev/urandom

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Ulrich Drepper <drepper@gmail.com>
To: linux-kernel@vger.kernel.org
Subject: Re: short read from /dev/urandom
Date: Thu, 13 Jan 2005 22:54:13 -0800	[thread overview]
Message-ID: <a36005b50501132254155a0d5a@mail.gmail.com> (raw)
In-Reply-To: <cs7mup$hgo$1@abraham.cs.berkeley.edu>

On Fri, 14 Jan 2005 05:56:41 +0000 (UTC), David Wagner
<daw@taverner.cs.berkeley.edu> wrote:

> True.  Arguably, the solution is to fix the documentation.

The problem is that no-short-reads behavior has been documented for a
long time and so programs might, correctly so, use

    while (read(fd, buf, sizeof buf) == -1)
      continue;

Image a program doing this.  It provides the possibility for a local
attack.  If one can determine the content of the to-be-filled buffer
before the 'read', then an attacker could limit the randomness in the
buffer after the read by sending signals to the program.

Not breaking the ABI is more important than symmetry.

next prev parent reply	other threads:[~2005-01-14  6:54 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-01-14  4:54 short read from /dev/urandom Ulrich Drepper
2005-01-14  5:56 ` David Wagner
2005-01-14  6:54   ` Ulrich Drepper [this message]
2005-01-14 19:55     ` David Wagner
2005-01-14 19:10 ` Theodore Ts'o
2005-01-14 21:04   ` Ulrich Drepper
2005-01-14 23:21     ` Theodore Ts'o
2005-01-15  2:36       ` H. Peter Anvin
2005-01-16  2:51         ` Matt Mackall
2005-01-16  3:18           ` H. Peter Anvin
2005-01-15  2:34     ` H. Peter Anvin
2005-01-19 15:48     ` Pavel Machek
2005-01-16  2:44 ` Matt Mackall
2005-01-16  3:58   ` Ulrich Drepper
2005-01-16  4:58     ` Matt Mackall
2005-01-16 13:23     ` Andries Brouwer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=a36005b50501132254155a0d5a@mail.gmail.com \
    --to=drepper@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox