WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] Major /dev/urandom (Security) issue? [jailtime.org issue

from [Ken Bass] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] Major /dev/urandom (Security) issue? [jailtime.org issue]
From: Ken Bass <kbass@xxxxxxxxxxx>
Date: Fri, 25 Jan 2008 11:29:44 -0500
Delivery-date: Fri, 25 Jan 2008 08:30:34 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <4799288F.3000708@xxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4799288F.3000708@xxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.9 (X11/20071031) 
Ken Bass wrote:
I'm new to Xen. I'm using the Xen that comes with Centos 5.1 (which is 3.1). When I read from /dev/urandom, the values NEVER change. My domU is a Centos 5.1 instance. Below I run the simple command twice and get the same numbers. If I run another domU I get the SAME numbers!
First, thanks for those who responded telling me their system was working fine. As a followup, I've discovered that the /dev/urandom file is just a regular file, not a special character file like it should be. This would explain the behavior. The Xen centos 5.1 image that I am using as a test was downloaded from http://jailtime.org/download:centos:v5.1
While the initial filesystem image shows /dev/urandom as a special char device, it seems that on bootup, it is overwritten or something. I notice that rc.sysinit was modified and the line '/sbin/start_udev' was commented out. I suspect that has something to do with it. 


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Xen-users] Domain interfaces, Alasdair P Mclean
Next by Date:  [Xen-users] Corrupted image file and fsck gives up with "exited with signal 11", Juan Rodriguez
Previous by Thread:  Re: [Xen-users] Major /dev/urandom (Security) issue?, Jeff Cronstrom
Next by Thread:  [Xen-users] xen-create-image: second bridge, mac and ip possible?, Zoran Kikic
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy