Open Bug 1455317 Opened 6 years ago Updated 2 years ago

Consider to use additional RNG seeding besides urandom

Categories

(NSS :: Libraries, defect, P5)

Product:
NSS
Component:
Libraries
Version:
3.35
Type:
defect

Tracking

(Not tracked)

People

(Reporter: KaiE, Unassigned)

References

Details

This is the bug I've promised to file in bug 1057343 comment 18 (c).

As part of bug 1346735, Firefox Linux was changed to seed the RNG exclusively using urandom.

Previously, Firefox Linux had used some additional data to seed the RNG.

In Bug 1346735, Bob Relyea argued that this additional seeding isn't unreasonable. If a Mozilla Firefox binary is running on a system with a broken or predictable (even by accident), then the additional RNG seeding can be helpful, because it makes the RNG less predictable.

The intention of this bug is to track the potential change of Firefox to go back to use additional RNG seeding. This could either be the code that exists in unix_rand.c or something else.
See Also: → 1057343
Priority: -- → P5
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.