Re: [PATCH] ELF: implement AT_RANDOM for future glibc use | KernelTrap

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use

view
thread

!MAILaRCHIVE_VOTE_RePLACE

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Kees Cook <kees.cook@...>

To: Ulrich Drepper <drepper@...>

Cc: Roland McGrath <roland@...>, Andi Kleen <andi@...>, <linux-kernel@...>, Jakub Jelinek <jakub@...>, <libc-alpha@...>

Subject: Re: [PATCH] ELF: implement AT_RANDOM for future glibc use

Date: Monday, October 6, 2008 - 9:44 pm

On Mon, Oct 06, 2008 at 05:57:48PM -0700, Ulrich Drepper wrote:
quoted text> Kees Cook wrote:
> > It sounds like it's not very safe,
> 
> Then investigate it.

As was suspected, each int is the same.

quoted text> > but on the other hand, glibc doesn't really care?
> 
> Of course we care.  Especially for SUID and uid==0 binaries.

I meant based on what was said about "if it's as strong as the ASLR
randomness, it's good enough for this".  While the ultimate solution
would be to bolt a better PRNG into the kernel, is the following good
enough for now for glibc:

$ ./rands
0x2b 0x06 0xb7 0x53 0x2b 0x06 0xb7 0x53 0x2b 0x06 0xb7 0x53 0x2b 0x06 0xb7 0x53
$ ./rands
0xc2 0xb5 0x42 0xdc 0xc2 0xb5 0x42 0xdc 0xc2 0xb5 0x42 0xdc 0xc2 0xb5 0x42 0xdc
$ ./rands
0x5f 0x39 0xc6 0xc0 0x5f 0x39 0xc6 0xc0 0x5f 0x39 0xc6 0xc0 0x5f 0x39 0xc6 0xc0
$ ./rands
0xfb 0x4a 0x82 0xbd 0xfb 0x4a 0x82 0xbd 0xfb 0x4a 0x82 0xbd 0xfb 0x4a 0x82 0xbd

-Kees

-- 
Kees Cook
Ubuntu Security Team
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Thu Oct 2, 8:16 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 2:00 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 1:50 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 3:26 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 6:07 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Roland McGrath, (Mon Oct 6, 7:58 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 8:31 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Ulrich Drepper, (Mon Oct 6, 8:57 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 9:44 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Ulrich Drepper, (Mon Oct 6, 9:51 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Ulrich Drepper, (Mon Oct 6, 8:08 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 7:28 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 6:01 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 7:19 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 7:29 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 7:44 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Roland McGrath, (Thu Oct 2, 8:52 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Fri Oct 3, 1:15 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Roland McGrath, (Fri Oct 3, 4:22 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Jakub Jelinek, (Thu Oct 2, 8:43 pm)

[PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Fri Oct 3, 1:29 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Arjan van de Ven, (Fri Oct 3, 1:57 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Ulrich Drepper, (Fri Oct 3, 2:25 am)

[PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Kees Cook, (Fri Oct 3, 10:50 am)

Re: [PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Jakub Jelinek, (Fri Oct 3, 10:57 am)

[PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Kees Cook, (Fri Oct 3, 1:33 pm)

Re: [PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Ulrich Drepper, (Fri Oct 3, 1:41 pm)

[PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Kees Cook, (Fri Oct 3, 1:59 pm)

Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Andrew Morton, (Tue Oct 21, 4:01 pm)

Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Ulrich Drepper, (Tue Oct 21, 4:22 pm)

Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Andrew Morton, (Mon Oct 27, 1:46 am)

Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Ulrich Drepper, (Sat Oct 18, 1:42 am)

Re: [PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Ulrich Drepper, (Fri Oct 3, 10:56 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Fri Oct 3, 1:25 am)

Navigation

Popular discussions


linux-kernel:
Artem Bityutskiy	[PATCH 10/44 take 2] [UBI] debug unit implementation
Greg Kroah-Hartman	[PATCH 004/196] Chinese: add translation of SubmittingPatches
Trent Piepho	[PATCH] [POWERPC] Improve (in\|out)_beXX() asm code
Dave Young	Re: Linux v2.6.24-rc1
git:

linux-netdev:
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
Linus Torvalds	Re: [GIT]: Networking
David Miller	Re: [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Natalie Protasevich	[BUG] New Kernel Bugs
openbsd-misc:

Colocation donated by:

Who's online

There are currently 1 user and 596 guests online.

Online users

mylabarrow63

Syndicate