Re: monitoring entropy

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Richard W. Bowser: "Re: Upgrading"
• Previous message: Richard W. Bowser: "Re: Upgrading"
• In reply to: Michael K. Johnson: "Re: monitoring entropy"
• Next in thread: Colin Plumb: "Re: monitoring entropy"

>While we're on the topic of /dev/random, shouldn't the saved state file be
>readable only by root (to prevent knowledge of the starting state stored in
>the file combined with knowledge of the startup sequence from yielding
>information about the resulting state of the randomizer)? There is no
>mention of this in the comments in random.c, and RedHat release 4.2 (based on
>2.0.30) leaves the file readable by all.

I'll answer here, despite this not being absolutely a kernel issue...

Well, it's not a big deal, since that stored entropy is not counted in the
entropy count, it's only added entropy, stirred in to the pool. It does
not replace the current state of the pool. So it being visible isn't a
serious problem. That's probably why Ted didn't make it mode 600 when he
wrote the script.

The other, more important reason why it's not a big deal is here's what
happens at boot time:

1) Mix seed file into entropy pool.
2) Extract new random numbers using /dev/urandom and replace the
seed file with new random numbers.

We also do step (2) above a second time during a clean shutdown of the
machine. So the original seed file is mixed into the entropy pool, and
then that file is overwritten so you can't find it again.

The original purpose of the pool is to preserve some of the entropy
across reboots. Obviously, we can't depend on it since someone might
read the original seed file while the machine is down. However, it's
one of these things which can't hurt, and will probably help.

However, future initscripts packages we release (except for possible
security updates to 4.2, which are on a different branch) will set
the saved entropy pool state to mode 600. That way no one else will
worry about it. :-)

Making the file be mode 600 certainly won't hurt. It might help in the
case where someone knows the contents of the file and the machine
crashes without going through a clean shutdown. So again, it's one of
these things which might possibly help, and there's no possible reason
why anyone else should want to know the contents of that file, so making
it be mode 600 is probably a Good Thing to do.

- Ted

• Next message: Richard W. Bowser: "Re: Upgrading"
• Previous message: Richard W. Bowser: "Re: Upgrading"
• In reply to: Michael K. Johnson: "Re: monitoring entropy"
• Next in thread: Colin Plumb: "Re: monitoring entropy"