Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 30 Jan 2013 20:12:58 +0100
From: Szabolcs Nagy <nsz@...t70.net>
To: musl@...ts.openwall.com
Subject: Re: [PATCH] Add support for mkostemp, mkstemps and mkostemps

* Rich Felker <dalias@...ifal.cx> [2013-01-30 11:51:27 -0500]:
> current time. Better use of the stack address in generating the
> filenames could prevent knowing the set of output filenames for a
> range of times without knowing the stack address in the program being
> attacked. In fact, I'm a little bit worried that the current approach
> discloses too much information about the stack address to an attacker.
> If nothing else, I think some shuffling should be done so that the
> (typically more valuable) high bits of the stack address are matched
> with the low (least predictable) bits of the clock.

void __randname(char *p)
{
	struct timespec ts;
	unsigned long r;
	int i;

	clock_gettime(CLOCK_REALTIME, &ts);
	r = ts.tv_nsec*65537 ^ (uintptr_t)&ts / 16 + (uintptr_t)p;
	for (i=0; i<6; i++, r>>=5)
		p[i] = 'A'+(r&15)+(r&16)*2;
}

this uses 30bits of r and mixes the random low bits of nsec
into the high bits

using ^ as i guess that way it's harder to do useful arithmetics
with known r values

> > more significant improvement can be done by larger
> > set of names and better entropy source
> 
> Other implementations probably use 36 bits or slightly less (base64
> perhaps modified base64).
> 
> I could see it being feasible to increase this slightly and maybe even

<= 36bits is probably ok

> > the entropy source is mostly problematic on embedded
> > systems with bad clock, but there is probably no
> > good source at all there
> 
> Are you sure this is an issue? IMO it's the kernel's responsibility to

it was just a guess, iirc there are devices with
low resolution clock (lower than nanoseconds) which
can mean short period of the last few bits of nsec

but i dont know how this works

> give a good clock value however it can. IIRC even mips has a cpu
> counter or something that could be used to compensate for bad clock
> hardware, so it seems like a kernel failing if clock_gettime has bad
> resolution.
> 
> Rich

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.