2.4.7: random.c - potential security problem

Ulrich Windl (Ulrich.Windl@rz.uni-regensburg.de)
Fri, 10 Aug 2001 07:53:04 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Linus Torvalds: "Re: Some dbench 32 results for 2.4.8-pre8, 2.4.7-ac10, and 2.4.7"
Previous message: satish kumar: "How vendor specific drivers communicate"
Next in thread: Ulrich Windl: "Re: 2.4.7: random.c - potential security problem"
Reply: Ulrich Windl: "Re: 2.4.7: random.c - potential security problem"

Hi,

maybe some of you find this interesting: Yesterday I was grepping for
some variable in the source tree when I ended up in
drivers/char/random.c. There I noticed that the driver uses wall time
to re-seed the TCP sequence numbers for example. This means that no re-
seeding takes place if the clock is set back a significant amount of
time, e.g. if the CMOS clock failed or was completely off.

I don't know if the problem is severe, but I thought I tell you.

Regards,
Ulrich
P.S. Not subscribed to this list

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Linus Torvalds: "Re: Some dbench 32 results for 2.4.8-pre8, 2.4.7-ac10, and 2.4.7"
Previous message: satish kumar: "How vendor specific drivers communicate"
Next in thread: Ulrich Windl: "Re: 2.4.7: random.c - potential security problem"
Reply: Ulrich Windl: "Re: 2.4.7: random.c - potential security problem"