Re: 2.4.7: random.c - potential security problem

Ulrich Windl (Ulrich.Windl@rz.uni-regensburg.de)
Fri, 10 Aug 2001 09:30:47 +0200


On 10 Aug 2001, at 7:03, linux@horizon.com wrote:

> The test is "if ((t - rekey_time) > REKEY_INTERVAL)", where rekey_time is *unsigned*.
>
> Thus, if t ever drops below rekey_time (large backward time jump), the difference
> will be a large number and it will be rekeyed.

Thanks,

first at school they try to teach you about negative numbers, then with
computers you have to forget about them again. Sorry abou the
confusion, I never felt save with type promotion rules in C.

>
> Setting the time back by a small amount, less than REKEY_INTERVAL, can stretch the time,
> but it's hard to think if a reasonable application where that will happen often enough
> in a row to seriously stretch the rekey interval.

Yes!

Ulrich

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/