2.4.7: random.c - potential security problem

Ulrich Windl (Ulrich.Windl@rz.uni-regensburg.de)
Fri, 10 Aug 2001 07:53:04 +0200


Hi,

maybe some of you find this interesting: Yesterday I was grepping for
some variable in the source tree when I ended up in
drivers/char/random.c. There I noticed that the driver uses wall time
to re-seed the TCP sequence numbers for example. This means that no re-
seeding takes place if the clock is set back a significant amount of
time, e.g. if the CMOS clock failed or was completely off.

I don't know if the problem is severe, but I thought I tell you.

Regards,
Ulrich
P.S. Not subscribed to this list

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/