[PATCH] Explain why we /write/ the seed at boot time. Also document assumptions about random.seed.
root at localhost.localdomain
Sat Sep 11 22:27:05 UTC 2010
urandom | 20 +++++++++++++++++++-
1 files changed, 19 insertions(+), 1 deletions(-)
diff --git a/urandom b/urandom
index ffca615..79344cb 100755
@@ -10,10 +10,19 @@
# It is called from the boot, halt and reboot scripts.
### END INIT INFO
+## Assumption 1: We assume $SAVEDFILE is a file (or a symlink
+## to a file) that resides on a non-volatile medium that persists
+## across reboots.
+## Case 1a: Ideally, it is readable and writeable. Its is unshared,
+## i.e. its contents are unique to this machine. It is protected so
+## that its contents are not known to attackers.
+## Case 1b: Less than ideally, it is read-only. Its contents are
+## unique to this machine and not known to attackers.
[ -c /dev/urandom ] || exit 0
if ! POOLBYTES=$((
($(cat /proc/sys/kernel/random/poolsize 2>/dev/null) + 7) / 8
)) ; then
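Review bot: The new comment block states assumptions (non-volatile, unshared, unreadable by attackers) that nothing in the script verifies; consider either checking what can be checked before the seed is used, for example rejecting a $SAVEDFILE that is world-readable or not a regular file, or stating explicitly in the comment that these properties are expected of the packager/administrator and are not enforced here. Also fix the typo in Case 1a: "Its is unshared" should read "It is unshared".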
@@ -33,6 +42,13 @@ case "$1" in
cat "$SAVEDFILE" >/dev/urandom
rm -f $SAVEDFILE
+ # Write a new seed into $SAVEDFILE because re-using a seed
+ # compromises security. Each time we re-seed, we want the
+ # seed to be as different as possible.
+ # Write it now, in case the machine crashes without doing
+ # an orderly shutdown.
+ # The write will fail if $SAVEDFILE is read-only, but it
+ # doesn't hurt to try.
dd if=/dev/urandom of=$SAVEDFILE bs=$POOLBYTES count=1 >/dev/null 2>&1
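Review bot: The added comment says a read-only $SAVEDFILE makes the write fail harmlessly, but the `rm -f $SAVEDFILE` immediately above it runs first: on a writable directory `rm -f` unlinks a read-only file regardless of its mode, so Case 1b from the assumptions block would lose its seed, and on a read-only filesystem `rm -f` fails silently and `dd` then fails silently too because its output is redirected to /dev/null. Either guard the `rm -f`/`dd` pair with a writability test on $SAVEDFILE (or its directory), or amend the comment so it does not promise that a read-only seed file survives this path. While here, quote `$SAVEDFILE` in the `rm -f` and `dd` lines as the `cat "$SAVEDFILE"` line already does.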
@@ -41,6 +57,8 @@ case "$1" in
# Carry a random seed from shut-down to start-up;
+ # Write it on shutdown, in case the one written at startup
+ # has been lost, snooped, or otherwise compromised.
# see documentation in linux/drivers/char/random.c
[ "$VERBOSE" = no ] || log_action_begin_msg "Saving random seed"
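Review bot: The two inserted comment lines split the original sentence "Carry a random seed from shut-down to start-up; see documentation in linux/drivers/char/random.c" in the middle, so the "see documentation" reference now dangles after the new text; move the added lines below the `# see documentation` line. It would also help to say why the shutdown write is worth doing even when the startup write succeeded: the seed written at shutdown carries the entropy the pool gathered during the whole session, which is the rationale given in random.c, whereas "lost, snooped, or otherwise compromised" on its own suggests overwriting a snooped seed is a recovery, which only holds if the attacker cannot read the new one as well.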
More information about the Pkg-sysvinit-devel