[13751] in bugtraq
Re: Tempfile vulnerabilities
daemon@ATHENA.MIT.EDU (Seth David Schoen)
Tue Feb 8 23:45:39 2000
Mail-Followup-To: BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <20000207160121.V4856@cty-alum.org>
Date: Mon, 7 Feb 2000 16:01:21 -0800
Reply-To: Seth David Schoen <schoen@LOYALTY.ORG>
From: Seth David Schoen <schoen@LOYALTY.ORG>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.10.10002071409080.10841-100000@crafter.house>; from
vectro@PIPELINE.COM on Mon, Feb 07, 2000 at 02:09:38PM -0800
Ian Turner writes:
> > Can be so easy to DoS cryptographic software?
>
> Yes. If you don't trust your users to not deplete the entropy, then don't
> give them permission to read it.
An intermediate possibility is to have multiple RNGs with multiple sources
of entropy, or multiple RNGs with entropy divided among them somehow, or
a single RNG which enforces a reasonable policy of some sort when multiple
processes want to access it at once.
Modern multiuser operating systems have solved all _kinds_ of problems around
concurrency and dealing with contention over a shared resource. There is
no reason that they should not be able to do exactly the same thing for an
entropy pool, if it becomes an issue.
--
Seth David Schoen <schoen@loyalty.org> | And do not say, I will study when I
Temp. http://www.loyalty.org/~schoen/ | have leisure; for perhaps you will
down: http://www.loyalty.org/ (CAF) | not have leisure. -- Pirke Avot 2:5
