[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: a small C program to test xdm's /dev/mem reading on your architecture

Marcus Brinkmann writes:
 > On Mon, Aug 26, 2002 at 12:50:22PM -0500, Branden Robinson wrote:
 > > > I can't believe he actually intends to keep it like this..
 > > 
 > > I'm going to #define DEV_RANDOM /dev/random for Linux systems.
 > That's bad, because that will drain the entropy a lot, and it might
 > block for a long time, and that for no good reason as I don't think the
 > magic cookie needs strong cryptographical security (for comparison: The
 > secret key of a public key cryptography key pair should be created using
 > /dev/random, while for session keys /dev/urandom is good enough).

Here is how I create the magic cookie in my ~/.xserverrc shell script,

    cookie ()
        dd if=/dev/urandom 2>/dev/null bs=16 count=1 | od -x | awk ' NR==1 { print $2 $3 $4 $5 $6 $7 $8 $9 } '


    $ cookie

and I use it in .xserverrc like this,

    # Add this cookie to the X server auth file.
    xauth -f "${auth}" \
          -v add "${xdpnum}"       "${access}"  "${mcookie}"
    # Add necessary new display entries to .Xauthority file.
    xauth -v add "${eth0}:${xdpnum}"       "${access}"  "${mcookie}"
    xauth -v add "${host}:${xdpnum}"       "${access}"  "${mcookie}"
    xauth -v add "${host}/unix:${xdpnum}"  "${access}"  "${mcookie}"

Why does anyone need to read megabytes of urandom?  If it really
is random, then 16 bytes should be enough.

Jeff Sheinberg

Reply to: