Hi, Theodore Ts'o wrote: > On Fri, Jul 06, 2012 at 06:02:18PM -0500, Jonathan Nieder wrote:
>> Why cc: stable@? Does this fix a build error, oops, hang, data >> corruption, real security issue, or other critical "oh, that's not >> good" bug? > > All of the /dev/random patches in this patch series that were marked > for the stable backports are to address a security issue. See: > https://factorable.net/ Thanks for explaining. If there's occasion for a reroll (I'm guessing there won't be) then it would be nice to mention this in the commit messages. [...] > While these patches are designed to do as much as we can without > assuming any fixes in userspace, and the weak kea vulnerabilities are > much more obviously detectable in embedded devices with close to zero > available entropy, ideally there are improvements that can and should > be done in upstream userspace packages as well as in the packaging and > installation scripts for more general-purpose server and workstation > distributions. > > For example, ssh key generation should happen as late as possible; > ideally, some time *after* the networking has been brought up. [...] > The same is true for the generation of remote > administration keys for ntpd and bind. Very much agreed. These patches look like an improvement but on diskless systems without a hardware RNG it still seems possible for someone with knowledge of the hardware configuration to predict the generator state. Except that patch 2 improves matters a lot. Thanks for your work and kindness, Jonathan -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/