[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Want to help fix xdm on MIPS

On Sun, Aug 18, 2002 at 10:45:25PM +0200, Guido Guenther wrote:
> On Sat, Aug 17, 2002 at 10:21:18PM -0500, Branden Robinson wrote:
> > Edit xc/programs/xdm/Imakefile to:
> > * add DEV_RANDOM to the defines passed to the compiler ifdef
> >   LinuxArchitecture
> > * add ArmArchitecture, IA64Architecture, and MipsArchitecture to the
> >   list to the list for those for which FRAGILE_DEV_MEM is defined
> >   (will this actually solve the problem even in the absence of the prior
> >   fix?)
> FRAGILE_DEV_MEM just skips the first MB of memory. This is unlikely to
> be o.k. for a all architectures.

Hmph.  So we either need to come up with a solution for each
architecture where linear reads from /dev/mem into the stratosphere
cause problems, or we need to use something other than /dev/mem

As it happens, the second patch above is going into 0pre1v3 because I
want to see if helps *any* of the architectures.

> > What do you guys think?  These #defines only affect genauth.c.
> So we set "#define DEV_RANEOM /dev/urandom"? Does this have an impact on
> security?

I'm not aware of any security implications of reading from /dev/urandom
that aren't already discussed in random(4).  It certainly seems safer to
me than reading from /dev/mem!

(Though, to be fair, I cannot see any way to get xdm to read and return
information from /dev/mem without hacking the source.)

Xdm doesn't need that much data, though (note that it only reads gobs of
data in the #ifndef DEV_RANDOM case; in other words, when it has a
non-entropic source).  I'm tempted to have it read from /dev/random and
get real entropy.  People's X sessions need as much security as we can
afford to give them, and helping to frustrate attacks on the
authorization key seems a responsible thing to do.

In the long run, I'd like to solve the arch-specific /dev/mem problem as
well, for the sake of a patch to be sent upstream for the benefit of the
poor folks who don't have systems with a /dev/{u,}random.

G. Branden Robinson                |    Build a fire for a man, and he'll
Debian GNU/Linux                   |    be warm for a day.  Set a man on
branden@debian.org                 |    fire, and he'll be warm for the
http://people.debian.org/~branden/ |    rest of his life. - Terry Pratchett

Attachment: pgp6Khgbin1i3.pgp
Description: PGP signature

Reply to: