Package: libpam-usb
Version: 0.5.0-1+tms1
Severity: normal
Tags: security, patch
When creating pad files of random data, the randomness is quite small.
For an attacker with a local account, the time of login and process id
are quite easy to guess. (Using the deterministic rand() generator to
increase the length to 1024 bytes doesn't generate any extra randomness,
so that's a red herring). Being generous, there's probably 8-12 bits of
entropy, from the point of view of a local adversary.
This patch increases the entropy bits sizeof(int)*CHAR_BIT bits (i.e. 32
bits where int is 32 bits), although it does nothing to deal with the
false impression of security given by creating a 8192-bit file.
Description: Increase entropy of generated pad files
Seeding the random number generator from PID and current time
provides very little entropy, as these can be guessed quite closely
by an attacker, so use the kernel's random number generator instead.
Author: Toby Speight t.m.speight...@cantab.net
---
--- libpam-usb-0.5.0.orig/src/pad.c
+++ libpam-usb-0.5.0/src/pad.c
@@ -22,6 +22,7 @@
#include errno.h
#include sys/types.h
#include sys/stat.h
+#include fcntl.h
#include pwd.h
#include time.h
#include conf.h
@@ -181,6 +182,8 @@ static void pusb_pad_update(t_pusb_optio
FILE *f_system = NULL;
char magic[1024];
int i;
+ unsigned int seed;
+ int devrandom;
if (!pusb_pad_should_update(opts, user))
return ;
@@ -201,7 +204,14 @@ static void pusb_pad_update(t_pusb_optio
pusb_pad_protect(user, fileno(f_system));
log_debug(Generating %d bytes unique pad...\n, sizeof(magic));
- srand(getpid() * time(NULL));
+ devrandom = open(/dev/random, O_RDONLY);
+ if (devrandom 0 || read(devrandom, seed, sizeof seed) != sizeof seed) {
+ log_debug(/dev/random seeding failed...\n);
+ seed = getpid() * time(NULL); /* low-entropy fallback */
+ }
+ if (devrandom 0)
+ close(devrandom);
+ srand(seed);
for (i = 0; i sizeof(magic); ++i)
magic[i] = (char)rand();
log_debug(Writing pad to the device...\n);
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (900, 'testing'), (900, 'stable'), (400, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.1.1-balti (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages libpam-usb depends on:
ii libc6 2.13-24
ii libdbus-1-31.4.16-1
ii libxml22.7.8.dfsg-7
ii multiarch-support 2.13-24
ii pamusb-common 0.5.0-1+tms1
ii pmount 0.9.23-2
ii udisks 1.0.4-3
libpam-usb recommends no packages.
libpam-usb suggests no packages.
-- no debconf information
