From: Alfred Perlstein
To: "Andrey A. Chernov"
Cc: Mark Murray, des@freebsd.org, cvs-committers@freebsd.org, cvs-all@freebsd.org
Date: Tue, 5 Feb 2002 14:10:29 -0800
Subject: Re: cvs commit: src/lib/libpam/modules/pam_unix pam_unix.c
Message-ID: <20020205141029.V59017@elvis.mu.org>
In-Reply-To: <20020205220421.GC8579@nagual.pp.ru>

* Andrey A. Chernov [020205 14:04] wrote:
> On Tue, Feb 05, 2002 at 13:58:20 -0800, Alfred Perlstein wrote:
> >
> > > My patch for this thing just literally replaces random() with
> > > arc4random() and removes srandomdev().
> >
> > this makes sense, what is the problem with doing so?
>
> Mark initially said that the pam_unix code does not need true cryptographic
> randomness and that a simpler salt formula can be used. He promised to come
> with a fix. But in his fix he just removed srandomdev() and left random() in
> place, causing the bug I demonstrate now. I see absolutely no advantage of
> using random() (deprecated in libraries) for salt instead of safe
> arc4random() like in my patch.

Mark, can you comment?

I've read that you said an application shouldn't depend on the state of
random() when making pam calls, but this doesn't sound very good; it
should at least be documented, better yet avoided...

-- 
-Alfred Perlstein [alfred@freebsd.org]
'Instead of asking why a piece of software is using "1970s technology,"
start asking why software is ignoring 30 years of accumulated wisdom.'
Tax deductible donations for FreeBSD: http://www.freebsdfoundation.org/
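The two problems raised in this thread, a salt drawn from an unseeded random() being the same in every process, and a PAM module consuming or reseeding the application's random() state, can both be shown in a few lines. The program below is an added example written for this discussion; it is not the pam_unix code, Andrey's patch, or Mark's fix. It assumes POSIX's documented default (random() behaves as if srandom(1) had been called when nothing seeds it) and uses getentropy(3) as a stand-in for arc4random(3) so that it also builds on glibc; the salt alphabet is the usual crypt(3) one.

```c
/* Added example, not FreeBSD's pam_unix code.  Demonstrates why a PAM
 * module should not take password salts from the process-wide random(3)
 * generator, and what a CSPRNG-based salt looks like instead.
 * getentropy(3) stands in for arc4random(3); both draw from the kernel
 * CSPRNG and need no seeding.  _DEFAULT_SOURCE exposes it on glibc. */
#define _DEFAULT_SOURCE 1
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* crypt(3) salt alphabet: exactly 64 symbols, so a 6-bit mask is unbiased. */
static const char salt_chars[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* The pattern under discussion: salt characters from random(3).
 * If nobody calls srandomdev()/srandom(), random() starts from seed 1
 * in every process, so every process emits the same salt sequence. */
void salt_from_random(char *out, size_t len)
{
    for (size_t i = 0; i < len; i++)
        out[i] = salt_chars[random() & 0x3f];
    out[len] = '\0';
}

/* The replacement: each salt character comes from the kernel CSPRNG.
 * No seed, no state shared with the caller.  Returns 0 on success. */
int salt_from_csprng(char *out, size_t len)
{
    unsigned char buf[64];               /* assumed upper bound on len */
    if (len > sizeof buf || getentropy(buf, len) != 0)
        return -1;
    for (size_t i = 0; i < len; i++)
        out[i] = salt_chars[buf[i] & 0x3f];
    out[len] = '\0';
    return 0;
}

/* Models Andrey's bug: two separate processes are two fresh generator
 * states with the default seed 1.  Returns 1 if they yield the same salt. */
int random_salt_is_repeatable(size_t len)
{
    char a[65], b[65];
    srandom(1); salt_from_random(a, len);
    srandom(1); salt_from_random(b, len);
    return strcmp(a, b) == 0;
}

/* Models Alfred's point: the application seeds random() for its own use;
 * a module that draws salt from the same generator changes the next value
 * the application sees.  Returns 1 if the caller's sequence was perturbed. */
int module_perturbs_caller_sequence(void)
{
    char salt[65];
    srandom(42);
    long expected = random();            /* what the app would have seen */
    srandom(42);
    salt_from_random(salt, 2);           /* "PAM module" consumes two draws */
    long actual = random();
    return expected != actual;
}

/* Two CSPRNG salts of the given length; returns 1 if they differ,
 * -1 if the entropy source failed. */
int csprng_salts_differ(size_t len)
{
    char a[65], b[65];
    if (salt_from_csprng(a, len) != 0 || salt_from_csprng(b, len) != 0)
        return -1;
    return strcmp(a, b) != 0;
}

int main(void)
{
    char salt[65];
    printf("random() salt identical across processes: %d\n",
           random_salt_is_repeatable(8));
    printf("module disturbs caller's random() sequence: %d\n",
           module_perturbs_caller_sequence());
    if (salt_from_csprng(salt, 8) == 0)
        printf("CSPRNG salt: %s\n", salt);
    return 0;
}
```

Build with `cc -o salt salt.c`. The 8-character length is only so that two CSPRNG salts colliding by chance is negligible; the same functions produce the 2-character DES-style salt when called with len 2.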