[PATCH 4/4] Include date and time when seeding the RNG.

John Denker jsd at av8n.com
Sat Sep 11 17:04:48 UTC 2010


---
 urandom |    9 +++++++++
 1 files changed, 9 insertions(+), 0 deletions(-)

diff --git a/urandom b/urandom
index d662fdb..25709ac 100755
--- a/urandom
+++ b/urandom
@@ -43,6 +43,15 @@ do_status () {
 case "$1" in
   start|"")
 	[ "$VERBOSE" = no ] || log_action_begin_msg "Initializing random number generator"
+        # Seed the RNG with date and time.
+        # This is helpful in the less-than-ideal case where $SAVEDFILE
+        # is read-only.
+        # The value of this is greatly reduced if $SAVEDFILE is missing,
+        # or its contents are shared machine-to-machine or known to
+        # attackers (since they might well know at what time this
+        # machine booted up).
+        date +%s.%N > /dev/urandom
+
 	# Load and then save $POOLBYTES bytes,
 	# which is the size of the entropy pool
 	if [ -f "$SAVEDFILE" ]
-- 
1.7.0.4


--------------070700040602060407090709--



More information about the Pkg-sysvinit-devel mailing list