Entropy deletion in /dev/random

You think you have found a bug? Let us know about it.
Post Reply
noloader
Posts: 3
Joined: 21. Jul 2019, 03:24

Entropy deletion in /dev/random

Post by noloader »

Salix is suffering entropy depletion in /dev/random. Testing the interface fails to produce random numbers. This is [sadly] normal for many Linux distros. The kernel is defective out of the box.

The gap for Salix is, there is no package to fix the problem. On Debian and derivatives we install rng-tools to keep the generator in good working order. Salix does not appear to offer such a package.

According to `slapt-get --search random` there is a util-linux package. However it is already installed but the problem continues. `slapt-get --search rng` results in no related hits.
User avatar
gapan
Salix Wizard
Posts: 6236
Joined: 6. Jun 2009, 17:40

Re: Entropy deletion in /dev/random

Post by gapan »

Indeed, but that is expected and not something new. Why are you not using /dev/urandom instead?

It is my understanding that this is the one to use over /dev/random.
https://unix.stackexchange.com/question ... ev-urandom
Image
Image
User avatar
gapan
Salix Wizard
Posts: 6236
Joined: 6. Jun 2009, 17:40

Re: Entropy deletion in /dev/random

Post by gapan »

I just added a package for rng-tools in the repos anyway. You should be able to get it as soon as your mirror syncs.
Image
Image
noloader
Posts: 3
Joined: 21. Jul 2019, 03:24

Re: Entropy deletion in /dev/random

Post by noloader »

gapan wrote: 21. Jul 2019, 06:44 Indeed, but that is expected and not something new. Why are you not using /dev/urandom instead?
I'm performing security testing and evaluation (ST&E). I'm testing `/dev/random` because Salix provides it.

If Salix does not provide it, then I won't test it.
noloader
Posts: 3
Joined: 21. Jul 2019, 03:24

Re: Entropy deletion in /dev/random

Post by noloader »

gapan wrote: 21. Jul 2019, 10:27 I just added a package for rng-tools in the repos anyway.
Thanks. Forgive my ignorance... Is it enabled by default?

There's an obvious argument that since Salix provides `/dev/random`, they should make it actually work in practice out of the box. Someone should not have to do something special to get into a good working state.

Those who don't want a functioning `/dev/random` should have to do something special, like uninstall rng-tools.

Another alternative I like is, don't provide `/dev/random` since it has been deprecated for almost a decade and it is broken out of the box. This also makes sense if Salix is providing unaudited code. You dont want unaudited code incorrectly using `/dev/random`. Just break the code and switch it over to `/dev/urandom`.

Peter Gutmann has a lot to say about being in a good configuration out of the box in his book *[Engineering Security](http://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf)*. You should never ship in a bad state and expect users to do something special to get into a good state. That is a security engineering failure.
User avatar
gapan
Salix Wizard
Posts: 6236
Joined: 6. Jun 2009, 17:40

Re: Entropy deletion in /dev/random

Post by gapan »

noloader wrote: 22. Jul 2019, 03:57 Thanks. Forgive my ignorance... Is it enabled by default?
If you install the package, the service is enabled by default, if that's what you mean.

But of course the package is not installed by default after a new installation.
noloader wrote: 22. Jul 2019, 03:57There's an obvious argument that since Salix provides `/dev/random`, they should make it actually work in practice out of the box. Someone should not have to do something special to get into a good working state.

Those who don't want a functioning `/dev/random` should have to do something special, like uninstall rng-tools.

Another alternative I like is, don't provide `/dev/random` since it has been deprecated for almost a decade and it is broken out of the box. This also makes sense if Salix is providing unaudited code. You dont want unaudited code incorrectly using `/dev/random`. Just break the code and switch it over to `/dev/urandom`.
My understanding is that nobody looks at /dev/random for a good source of entropy.

Also, there is not a single distribution that is not providing unaudited code. If you find a piece of software using /dev/random, while they shouldn't, you should report it to that software's developers.

It's not hard to switch /dev/random over to /dev/urandom by default. We'll consider it for the next release.
Image
Image
Post Reply