On Sat, Apr 30, 2022 at 11:48 PM Jason A. Donenfeld <ja...@zx2c4.com> wrote: > > On Sat, Apr 30, 2022 at 11:19 PM Denys Vlasenko > <vda.li...@googlemail.com> wrote: > > Thank you for the explanation. I re-adding the fsync > > and adding a comment. Please take a look at current git. > > Oh god, what have you done? You have butchered seedrng into garbage. I > do not agree with the changes you made. You've removed important error > handling in ways that make certain intended use cases absolutely > impossible. Please revert your changes, which you made mid-discussion > here with no agreement reached. Then you can interact on the mailing > list by sending patches and discussing them. If not -- if you want to > keep tumbling down this monstrous route that you're on -- my > participation here ends entirely, and my advice will be to avoid > busybox because its maintainer is a wreckless cowboy. > > Just from a cursory look: > > - You removed the return value check on fsync(dfd), which means the > check is worthless and introduces a security vulnerability. > - You haven't responded to my messages regarding the importance of > returning proper error codes and appear to have removed them entirely > now? > - Your comment about reads from /dev/urandom depleting the entropy > pool isn't correct. (Plus you used an inconsistent type of comment > with bad indentation. Did you even check your work?) > - You completely ignored the `MAX_SEED_LEN = 256` change from the > patch that this thread is actually about, which means there's no > resolution for that issue. Plus you didn't respond to my email where I > discussed various solutions for that matter. Did you read the patch I > sent?
In the 12 hours since I sent this to you, not only have you completely failed to address any of those issues (especially the first and fourth), let alone respond to my email, but you've been busy adding another security regression. This time it takes the form of removing consistent encoding of the hash contents. A cryptographic change without any prior mailing list discussion? You truly are a monster. Please just remove seedrng from busybox. I regret ever coming anywhere near this project. You clearly will not be a responsible steward of security-related code. This is only going to lead to bad things for users down the road. Just get rid of the mess you've made, and we can part ways. Thanks, Jason _______________________________________________ busybox mailing list busybox@busybox.net http://lists.busybox.net/mailman/listinfo/busybox