Closed Bug 356886 Opened 18 years ago Closed 7 years ago

On Unix, RNG_SystemInfoForRNG calls RNG_FileForRNG on the directories /tmp, /var/tmp, and /usr/tmp

Categories

(NSS :: Libraries, defect)

3.11.3
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED INCOMPLETE

People

(Reporter: wtc, Unassigned)

Details

Attachments

(1 file)

On Unix (lib/freebl/unix_rand.c), RNG_SystemInfoForRNG calls RNG_FileForRNG on the directories /tmp, /var/tmp, and /usr/tmp. RNG_FileForRNG first calls fopen on the directory, and then calls fread on the FILE * pointer. It seems that the goal is to do a directory listing (to get a list of the files in a directory). What actually happens is that fopen succeeds but fread fails. So the RNG_FileForRNG calls on the directories don't seem to do what they are intended for.
Once upon a time, the (binary) contents of a directory could be read, just as any other file's contents could be read, by opening them and reading them. Besides file names, they also contains inode numbers (IIRC), which were rather unpredictable (especially in /tmp) and therefore were thought to be a pretty good source of entropy. This code clearly reflects that era, days gone by now, apparently, except on HP where the results still look interesting, but may not have much entropy.
NSS has two different seeds. By default gyp builds get a only /dev/urandom seeded RNG.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: