Open
Bug 1455317
Opened 6 years ago
Updated 2 years ago
Consider to use additional RNG seeding besides urandom
Categories
(NSS :: Libraries, defect, P5)
Tracking
(Not tracked)
NEW
People
(Reporter: KaiE, Unassigned)
References
Details
This is the bug I've promised to file in bug 1057343 comment 18 (c). As part of bug 1346735, Firefox Linux was changed to seed the RNG exclusively using urandom. Previously, Firefox Linux had used some additional data to seed the RNG. In Bug 1346735, Bob Relyea argued that this additional seeding isn't unreasonable. If a Mozilla Firefox binary is running on a system with a broken or predictable (even by accident), then the additional RNG seeding can be helpful, because it makes the RNG less predictable. The intention of this bug is to track the potential change of Firefox to go back to use additional RNG seeding. This could either be the code that exists in unix_rand.c or something else.
Updated•6 years ago
|
Priority: -- → P5
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•