1 |
On Mon, 2004-04-19 at 17:55, Robert Connolly wrote: |
2 |
> Hello. I have attached two patches. The linux kernel patch is from Eli |
3 |
> Billauer of http://frandom.sourceforge.net/ Full source and docs for this |
4 |
> patch are here http://www.linuxfromscratch.org/~robert/hlfs/hints/ |
5 |
> attachments/entropy/frandom-0.8.tar.gz |
6 |
> |
7 |
> This version of frandom includes erandom (economical) which uses frandom as a |
8 |
> seed, and uses no entropy from the kernel. The quality of the output bytes |
9 |
> has been tested and found to be good quality random. Its not intended for |
10 |
> crypto, its for anything else. This version of frandom also features a sysctl |
11 |
> interface. The attached kernel patch enables it by default. It can be found |
12 |
> in the char devices config menu. |
13 |
|
14 |
Could you test the following attachment (guard-test) a few times and |
15 |
post the results? Mainly I'd like to verify that your __guard is infact |
16 |
working as expected. (It should SEGFAULT or SIGABRT) |
17 |
|
18 |
> The attached glibc patch uses the frandom sysctl interface, and has a bug fix |
19 |
> (/4). I removed some #ifdefs that I thought should always be defined (maybe |
20 |
> someone can double check it, should be okay though). So, install the frandom |
21 |
> kernel first (built in, not module), reboot, and replace this attached glibc |
22 |
> patch with the original glibc-ssp patch, and install glibc. |
23 |
> |
24 |
|
25 |
> The finished result will stop SSP from draining kernel entropy. Preformance |
26 |
> might be a bit better then using /dev/urandom too. And sysctl will work threw |
27 |
> chroot without depending on a device in /dev. |
28 |
I like that. |
29 |
|
30 |
> Comments, questions? |
31 |
|
32 |
I took a quick look at the (glibc) code and it appears as if you drooped |
33 |
support completely for /dec/urandom I'm not sure if that's a good idea |
34 |
because if a user decides not to use frandom then she will end up with |
35 |
the default canary only which would weaken the entire model.. |
36 |
|
37 |
Also can this be enabled in the kernel as non LKM? |
38 |
As handy as modules are they are a security risk and should be avoided |
39 |
at all costs. |
40 |
|
41 |
> I'm subscribed to this list, please don't cc me. |
42 |
> |
43 |
> Robert |
44 |
> |
45 |
> ______________________________________________________________________ |
46 |
> -- |
47 |
> gentoo-hardened@g.o mailing list |
48 |
|
49 |
-- |
50 |
Ned Ludd <solar@g.o> |
51 |
Gentoo Linux Developer |