[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL

Russ Allbery wrote:

>Steven Chamberlain <steven@pyro.eu.org> writes:

>> * first-forked process does not use the PRNG yet, but forks again

Actually, it does: it calls RAND_poll(), which libressl made
into a nop.

>control.  There has been some talk of implementing PID randomization
>precisely to make this attack harder.

I've been testing this program (with the call to RAND_poll() commented
out) on my local machine: Debian/i386 (with amd64 kernel), and a
MirBSD/i386 virtual machine on the same system. MirBSD uses PID rando-
misation, of course.

Both show the effect, but the BSD VM (with PID randomisation) always
returns faster. Must be some kind of birthday paradoxon or something
happening. The time for Linux to return to the same PID is consistent
since it has to cycle through all PIDs; the BSD system on average
hits the same PID again faster, and the chance to not hit the same
PID at all is very marginal.


Reply to: