Package: libpam-usb Version: 0.5.0-1+tms1 Severity: normal Tags: security, patch
When creating pad files of "random" data, the randomness is quite small. For an attacker with a local account, the time of login and process id are quite easy to guess. (Using the deterministic rand() generator to increase the length to 1024 bytes doesn't generate any extra randomness, so that's a red herring). Being generous, there's probably 8-12 bits of entropy, from the point of view of a local adversary. This patch increases the entropy bits sizeof(int)*CHAR_BIT bits (i.e. 32 bits where int is 32 bits), although it does nothing to deal with the false impression of security given by creating a 8192-bit file.
Description: Increase entropy of generated pad files Seeding the random number generator from PID and current time provides very little entropy, as these can be guessed quite closely by an attacker, so use the kernel's random number generator instead. Author: Toby Speight <t.m.speight...@cantab.net> --- --- libpam-usb-0.5.0.orig/src/pad.c +++ libpam-usb-0.5.0/src/pad.c @@ -22,6 +22,7 @@ #include <errno.h> #include <sys/types.h> #include <sys/stat.h> +#include <fcntl.h> #include <pwd.h> #include <time.h> #include "conf.h" @@ -181,6 +182,8 @@ static void pusb_pad_update(t_pusb_optio FILE *f_system = NULL; char magic[1024]; int i; + unsigned int seed; + int devrandom; if (!pusb_pad_should_update(opts, user)) return ; @@ -201,7 +204,14 @@ static void pusb_pad_update(t_pusb_optio pusb_pad_protect(user, fileno(f_system)); log_debug("Generating %d bytes unique pad...\n", sizeof(magic)); - srand(getpid() * time(NULL)); + devrandom = open("/dev/random", O_RDONLY); + if (devrandom < 0 || read(devrandom, &seed, sizeof seed) != sizeof seed) { + log_debug("/dev/random seeding failed...\n"); + seed = getpid() * time(NULL); /* low-entropy fallback */ + } + if (devrandom > 0) + close(devrandom); + srand(seed); for (i = 0; i < sizeof(magic); ++i) magic[i] = (char)rand(); log_debug("Writing pad to the device...\n");
-- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (900, 'testing'), (900, 'stable'), (400, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.1.1-balti (SMP w/4 CPU cores; PREEMPT) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libpam-usb depends on: ii libc6 2.13-24 ii libdbus-1-3 1.4.16-1 ii libxml2 2.7.8.dfsg-7 ii multiarch-support 2.13-24 ii pamusb-common 0.5.0-1+tms1 ii pmount 0.9.23-2 ii udisks 1.0.4-3 libpam-usb recommends no packages. libpam-usb suggests no packages. -- no debconf information