Is fork() hook ever possible?
Andrey Chernov
ache at freebsd.org
Tue Nov 15 00:44:46 UTC 2011
On Mon, Nov 14, 2011 at 06:08:55PM -0500, David Schultz wrote:
> Not quite. OpenBSD's implementation is more careful. I just
> noticed a funny thing about FreeBSD's KERN_ARND sysctl: If the
> random device isn't (or can't be) loaded, KERN_ARND silently
> decides to initialize itself with the output of random(). This
> means that whatever minuscule amount of entropy it might have
> picked up from the clock is reduced to a maximum of 31 bits.
> That's a fantastic way to provide a false sense of security...
I agree.
Lets separate two things: "no /dev/random for jails" and "no random kernel
module is loaded".
IMHO kernel module should _not_ be optional anymore, it solves problem you
describe and all similar problems at once.
Adding KERN_ARND to arc4random() at this moment solves "no /dev/random for
jails" problem alone and _not_ pretends to solve "no random kernel module
is loaded" problem. When random kernel module will become non-optional,
KERN_ARND automagically makes good security in that place too.
P.S. Do I answer your doubts about &rdat key initialization in my prev.
posting?
--
http://ache.vniz.net/
More information about the freebsd-current
mailing list