Re: [gdm-list] Security?



Ray Strode wrote:
>>> Right, we might want to just ditch cookies entirely in the local case
>>> (Given a new enough X server to support peer creds)
>> Not all installations of gdm will be like this ... right?
> Not sure.  We'd need to see which servers support it and decide if we
> want to support servers that are older/different.  We have to support
> cookies for the non-local case anyway, though, so it's not like it
> would be much extra work to provide a fallback...

I was only joking when I said that.  it would be a serious regression if gdm
suddenly became linux only.

> If GRand had a reset_seed function, it wouldn't be deterministic for a
> while after every call to reset_seed.

It's deterministic if you know the seed.  Hence at best it is not
deterministic for the number of bits of the seed.  If you can or can't guess
the seed from the output is a different story.

The only time you need to use a pseudorandom number generator of some sort is
if you do not have access to any more entropy, then you use your previous
entropy and hope that attacker can't piece this together.

BTW, you can always just create a new GRand object and dump it afterwards if
you want to seed it again.

> If it isn't clear (it seems like it's not from your responses) I'm not
> tied to the g_rand_* apis at all, though.  I'm in the process of
> rewriting the code to use /dev/urandom.

OK, then I must have misunderstood.

Jiri

-- 
George <jirka 5z com>
   Examine what is said, not who speaks.
                       -- Arabian Proverb


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]