[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: a small C program to test xdm's /dev/mem reading on your architecture



Marcus Brinkmann writes:
 > On Mon, Aug 26, 2002 at 12:50:22PM -0500, Branden Robinson wrote:
 > > > I can't believe he actually intends to keep it like this..
 > > 
 > > I'm going to #define DEV_RANDOM /dev/random for Linux systems.
 > 
 > That's bad, because that will drain the entropy a lot, and it might
 > block for a long time, and that for no good reason as I don't think the
 > magic cookie needs strong cryptographical security (for comparison: The
 > secret key of a public key cryptography key pair should be created using
 > /dev/random, while for session keys /dev/urandom is good enough).

Here is how I create the magic cookie in my ~/.xserverrc shell script,

    cookie ()
    {
        dd if=/dev/urandom 2>/dev/null bs=16 count=1 | od -x | awk ' NR==1 { print $2 $3 $4 $5 $6 $7 $8 $9 } '
    }

e.g.,

    $ cookie
    a0de8e57919780bbc5ff16e66e1af2a9

and I use it in .xserverrc like this,

    mcookie=`cookie`
    # Add this cookie to the X server auth file.
    xauth -f "${auth}" \
          -v add "0.0.0.0:${xdpnum}"       "${access}"  "${mcookie}"
    # Add necessary new display entries to .Xauthority file.
    xauth -v add "${eth0}:${xdpnum}"       "${access}"  "${mcookie}"
    xauth -v add "${host}:${xdpnum}"       "${access}"  "${mcookie}"
    xauth -v add "${host}/unix:${xdpnum}"  "${access}"  "${mcookie}"

Why does anyone need to read megabytes of urandom?  If it really
is random, then 16 bytes should be enough.

-- 
Jeff Sheinberg



Reply to: