Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL

To: debian-devel@lists.debian.org
Subject: Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
From: Thorsten Glaser <tg@mirbsd.org>
Date: Thu, 17 Jul 2014 12:58:24 +0000 (UTC)
Message-id: <[🔎] lq8h9g$k4d$1@ger.gmane.org>
References: <[🔎] 87ha2hcch6.fsf@windlord.stanford.edu>

Russ Allbery wrote:

>Steven Chamberlain <steven@pyro.eu.org> writes:

>> * first-forked process does not use the PRNG yet, but forks again

Actually, it does: it calls RAND_poll(), which libressl made
into a nop.

>control.  There has been some talk of implementing PID randomization
>precisely to make this attack harder.

I've been testing this program (with the call to RAND_poll() commented
out) on my local machine: Debian/i386 (with amd64 kernel), and a
MirBSD/i386 virtual machine on the same system. MirBSD uses PID rando-
misation, of course.

Both show the effect, but the BSD VM (with PID randomisation) always
returns faster. Must be some kind of birthday paradoxon or something
happening. The time for Linux to return to the same PID is consistent
since it has to cycle through all PIDs; the BSD system on average
hits the same PID again faster, and the chance to not hit the same
PID at all is very marginal.

bye,
//mirabilos

Reply to:

References:
- Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
  - From: Russ Allbery <rra@debian.org>

Prev by Date: Bug#755072: ITP: iosnoop -- trace disk I/O with details including latency
Next by Date: Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
Previous by thread: Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
Next by thread: Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
Index(es):
- Date
- Thread