[PATCH 4/4] Include date and time when seeding the RNG.
John Denker
jsd at av8n.com
Sat Sep 11 17:04:48 UTC 2010
---
urandom | 9 +++++++++
1 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/urandom b/urandom
index d662fdb..25709ac 100755
--- a/urandom
+++ b/urandom
@@ -43,6 +43,15 @@ do_status () {
case "$1" in
start|"")
[ "$VERBOSE" = no ] || log_action_begin_msg "Initializing random number generator"
+ # Seed the RNG with date and time.
+ # This is helpful in the less-than-ideal case where $SAVEDFILE
+ # is read-only.
+ # The value of this is greatly reduced if $SAVEDFILE is missing,
+ # or its contents are shared machine-to-machine or known to
+ # attackers (since they might well know at what time this
+ # machine booted up).
+ date +%s.%N > /dev/urandom
+
# Load and then save $POOLBYTES bytes,
# which is the size of the entropy pool
if [ -f "$SAVEDFILE" ]
--
1.7.0.4
--------------070700040602060407090709--
More information about the Pkg-sysvinit-devel
mailing list