Bugtraq mailing list archives

Re: Tempfile vulnerabilities

From: wk () GNUPG ORG (Werner Koch)
Date: Wed, 2 Feb 2000 23:01:10 +0100


On Wed, 2 Feb 2000, Theo de Raadt wrote:

I suppose then that anyone who attacks a machine which relies on
/dev/random -- a world readable device -- should do the following:

      cat /dev/random > /dev/null &


Yep.

Crypto software which uses those devices should be doing some kind of
checking to make sure that they are getting at least good entropy.  I


The good thing is that /dev/random blocks until there is enough entropy
available.  /dev/urandom does not block but continues to return random
bytes by using a PRNG.

suppose I could even argue that the random devices should make it easy
for customer software to determine that entropy is low.


There is also an ioctl() to query some statistics.  OpenBSD has some
more kinds of random devices but I don't know much about them.

I have not checked the latest Linux kernels but rumors are that this
device has been enhanced.


--
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013

Current thread:

Re: DDOS Attack Mitigation, (continued)
- - - Re: DDOS Attack Mitigation Andreas Busse (Feb 15)
    - Re: Evil Cookies. Ari Gordon-Schlosberg (Feb 08)
    - Re: Evil Cookies. Michael Bryan (Feb 08)
    - Statistical Attack Against Virtual Banks Andre L. Dos Santos (Feb 08)
    - Re: Statistical Attack Against Virtual Banks HC Security (Feb 08)
    - Re: Statistical Attack Against Virtual Banks Andre L. Dos Santos (Feb 08)
    - Re: Statistical Attack Against Virtual Banks HC Security (Feb 09)
    - Re: Statistical Attack Against Virtual Banks Swift Griggs (Feb 09)
    - Re: Statistical Attack Against Virtual Banks Andre L. Dos Santos (Feb 08)
    - SCO OpenServer SNMPD vulnerability NAI Labs (Feb 07)
    - Re: Tempfile vulnerabilities Werner Koch (Feb 02)
    - Re: Tempfile vulnerabilities Chris Cappuccio (Feb 03)
    - Cross Site Scripting security issue Robert Zilbauer (Feb 02)
    - Re: Tempfile vulnerabilities Len Budney (Feb 03)
    - Re: Tempfile vulnerabilities antirez (Feb 05)
    - Re: Tempfile vulnerabilities Ian Turner (Feb 07)
    - Re: Tempfile vulnerabilities Seth David Schoen (Feb 07)
    - Remote access vulnerability in all MySQL server versions Robert van der Meulen (Feb 08)
    - don't run random "exploit" code Marc Slemko (Feb 08)
    - cookies - nothing new Steven Champeon (Feb 07)
    - Re: cookies - nothing new MJE (Feb 08)

(Thread continues...)