On Sun, Aug 18, 2002 at 10:45:25PM +0200, Guido Guenther wrote:
> On Sat, Aug 17, 2002 at 10:21:18PM -0500, Branden Robinson wrote:
> > Edit xc/programs/xdm/Imakefile to:
> > * add DEV_RANDOM to the defines passed to the compiler ifdef
> >   LinuxArchitecture
> > * add ArmArchitecture, IA64Architecture, and MipsArchitecture to the
> >   list for those for which FRAGILE_DEV_MEM is defined
> >   (will this actually solve the problem even in the absence of the prior
> >   fix?)
> FRAGILE_DEV_MEM just skips the first MB of memory. This is unlikely to
> be o.k. for all architectures.
Hmph. So we either need to come up with a solution for each architecture
where linear reads from /dev/mem into the stratosphere cause problems, or
we need to use something other than /dev/mem altogether.

As it happens, the second patch above is going into 0pre1v3 because I
want to see if it helps *any* of the architectures.

> > What do you guys think? These #defines only affect genauth.c.
> So we set "#define DEV_RANDOM /dev/urandom"? Does this have an impact on
> security?

I'm not aware of any security implications of reading from /dev/urandom
that aren't already discussed in random(4). It certainly seems safer to
me than reading from /dev/mem! (Though, to be fair, I cannot see any way
to get xdm to read and return information from /dev/mem without hacking
the source.)

Xdm doesn't need that much data, though (note that it only reads gobs of
data in the #ifndef DEV_RANDOM case; in other words, when it has a
non-entropic source). I'm tempted to have it read from /dev/random and
get real entropy. People's X sessions need as much security as we can
afford to give them, and helping to frustrate attacks on the
authorization key seems a responsible thing to do.

In the long run, I'd like to solve the arch-specific /dev/mem problem as
well, for the sake of a patch to be sent upstream for the benefit of the
poor folks who don't have systems with a /dev/{u,}random.

-- 
G. Branden Robinson                |     Build a fire for a man, and he'll
Debian GNU/Linux                   |     be warm for a day.  Set a man on
[EMAIL PROTECTED]                  |     fire, and he'll be warm for the
http://people.debian.org/~branden/ |     rest of his life.
                                   |     - Terry Pratchett
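The DEV_RANDOM path the thread is weighing, as an added example in C that is not xdm's genauth.c: it reads a 16-byte authorization key (the MIT-MAGIC-COOKIE-1 size) from the entropy device, retries short reads and EINTR, and reports failure instead of silently falling back to a non-entropic source. The default device path and the constructed unreadable path in `self_test` are assumptions for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <string.h>
#include <unistd.h>

#ifndef DEV_RANDOM
#define DEV_RANDOM "/dev/urandom"   /* assumption: the value proposed in the thread */
#endif

#define AUTH_KEY_LEN 16             /* MIT-MAGIC-COOKIE-1 cookies are 16 bytes */

/* Fill buf with exactly len bytes from path. Returns 1 on success, 0 if the
   device cannot be opened or does not yield len bytes. /dev/random may return
   short reads while the pool refills, so the loop keeps reading until full. */
int read_entropy(const char *path, unsigned char *buf, size_t len)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0) return 0;
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n < 0) {
            if (errno == EINTR) continue;   /* interrupted: retry the read */
            break;                          /* real error: give up */
        }
        if (n == 0) break;                  /* EOF never expected from a random device */
        got += (size_t)n;
    }
    close(fd);
    return got == len;
}

/* Generate an authorization key from the entropy device; no fallback. */
int generate_auth_key(unsigned char key[AUTH_KEY_LEN])
{
    memset(key, 0, AUTH_KEY_LEN);
    return read_entropy(DEV_RANDOM, key, AUTH_KEY_LEN);
}

/* Sanity check: an all-zero key means the source produced nothing usable. */
int key_looks_nonzero(const unsigned char *key, size_t len)
{
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++) acc |= key[i];
    return acc != 0;
}

/* Exercises both outcomes: a real key, and a constructed unreadable path. */
int self_test(void)
{
    unsigned char key[AUTH_KEY_LEN];
    if (!generate_auth_key(key) || !key_looks_nonzero(key, AUTH_KEY_LEN)) return 0;
    return read_entropy("/nonexistent/constructed/path", key, AUTH_KEY_LEN) == 0;
}
```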