arc4random weakness
Konstantin Belousov
kostikbel at gmail.com
Thu Mar 16 13:19:54 UTC 2017
On Thu, Mar 16, 2017 at 01:48:45PM +0100, Dag-Erling Sm??rgrav wrote:
> Andrey Chernov <ache at freebsd.org> writes:
> > Steven Chamberlain <steven at pyro.eu.org> writes:
> > > Also it is great to see INHERIT_ZERO was added to mmap(2)!
> > It is not so great. For a program which forks very often zeroing even
> > one page will be slowdown.
>
> Wouldn't it be possible to just set up the page entry but leave it
> unmapped, so that it is paged in (and zeroed if necessary) on first
> access? Thus, a process that uses arc4random() and fork()s would not
> incur a penalty until (and unless) the child uses arc4random() too.
This is how the forking code works, without any additional coding,
for the INHERIT_ZERO regions as well.
>
> > It will be better and faster to implement it as fork syscall wrapper
> > setting single variable, as it already done for threaded lib.
>
> fork() and vfork() and pdfork() and... From a security point of view, I
> prefer to have it in a single place.
>
> DES
> --
> Dag-Erling Sm??rgrav - des at des.no
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
More information about the freebsd-security
mailing list