WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-users

[Top] [All Lists]

Re: [Xen-users] Major /dev/urandom (Security) issue?

from [Jeff Cronstrom]

[Permanent Link][Original]

To:	xen-users@xxxxxxxxxxxxxxxxxxx
Subject:	Re: [Xen-users] Major /dev/urandom (Security) issue?
From:	Jeff Cronstrom <jeff@xxxxxxxxxxxxxxx>
Date:	Fri, 25 Jan 2008 09:33:40 -0500
Delivery-date:	Fri, 25 Jan 2008 06:34:41 -0800
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
In-reply-to:	<4799288F.3000708@xxxxxxxxxxx>
List-help:	<mailto:xen-users-request@lists.xensource.com?subject=help>
List-id:	Xen user discussion <xen-users.lists.xensource.com>
List-post:	<mailto:xen-users@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References:	<4799288F.3000708@xxxxxxxxxxx>
Sender:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx

Hi Ken,

On Thu, 2008-01-24 at 19:08 -0500, Ken Bass wrote:

I'm new to Xen. I'm using the Xen that comes with Centos 5.1 (which is 
3.1). When I read from /dev/urandom, the values NEVER change. My domU is 
a Centos 5.1 instance. Below I run the simple command twice and get the 
same numbers. If I run another domU I get the SAME numbers!

-bash-3.1# od -tx4 -N 16 /dev/urandom
0000000 d920a168 b904ed93 1dc8962e d1a8c0b1

-bash-3.1# od -tx4 -N 16 /dev/urandom
0000000 d920a168 b904ed93 1dc8962e d1a8c0b1

I need to figure out:
1) How to fix this
2) Isnt this a major security flaw since the random seeds are static/known?

I am using CentOS 5.1 for Dom0's and DomU's and I do not see this issue...

Maybe this will help: http://en.wikipedia.org/wiki/Urandom

Jeffrey Cronstrom

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-users] Major /dev/urandom (Security) issue?, Ken Bass Re: [Xen-users] Major /dev/urandom (Security) issue?, Andy Smith Re: [Xen-users] Major /dev/urandom (Security) issue?, Jan Marquardt Re: [Xen-users] Major /dev/urandom (Security) issue?, Geert Janssens Re: [Xen-users] Major /dev/urandom (Security) issue?, Jeff Cronstrom <= Re: [Xen-users] Major /dev/urandom (Security) issue? [jailtime.org issue], Ken Bass

Previous by Date:	[Xen-users] How to mount the two systems which are in same subnet, Kesavaraj S
Next by Date:	[Xen-devel] Xen Summit Spring 2008 Proposal - UPDATE, Stephen Spector
Previous by Thread:	Re: [Xen-users] Major /dev/urandom (Security) issue?, Geert Janssens
Next by Thread:	Re: [Xen-users] Major /dev/urandom (Security) issue? [jailtime.org issue], Ken Bass
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix