urandom startup script initializes poolsize with incorrect value
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
sysvinit (Debian) | Fix Released | Unknown | | |
sysvinit (Ubuntu) | Fix Released | Undecided | Unassigned | |
Bug Description
/etc/init.d/urandom compares the size of the saved pool in /var/lib/
Btw. The comment saying:
# Hm, why is the saved pool re-created at boot? [pere 2009-09-03]
should be replaced with:
# The saved pool re-created at boot to ensure successive boots will use a different random seed, even if the system did not shut down cleanly.
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: initscripts 2.87dsf-4ubuntu17.4
ProcVersionSign
Uname: Linux 2.6.32-37-generic i686
Architecture: i386
Date: Mon Mar 5 12:02:10 2012
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 10.04.3 LTS "Lucid Lynx" - Release i386 (20110720.1)
ProcEnviron:
PATH=(custom, user)
LANG=en_DK.utf8
SHELL=/bin/bash
SourcePackage: sysvinit
Changed in sysvinit (Ubuntu):
status: Confirmed → Fix Committed
Changed in sysvinit (Debian):
status: Unknown → Fix Released
I noticed another bug in the same script. The two calls of dd to save the seed during boot and shutdown will truncate the pool before writing new data. This will cause a small time window during which the seed only exists in RAM and not on permanent storage. If the system was to crash or lose power during that time window, all the entropy collected since the system was first installed would be lost. Using conv=notrunc would avoid this problem.
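The window described in the comment above can be observed directly. The following is an added example, not part of the original report or of the sysvinit script: it stalls dd's input with a FIFO (a stand-in for /dev/urandom) and reads the size of a temporary seed file while the save is still in progress. The file names and the 4096-byte pool size are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example: on-disk size of a seed file while dd is mid-save.
# All paths are temporary stand-ins; 4096 bytes is a constructed pool size.

# size_during_save <extra dd operand, or empty string>
# Prints the size of the seed file observed after dd has opened it for
# writing but before any new data has arrived.
size_during_save() {
    conv_opt=$1
    dir=$(mktemp -d) || return 1
    seed="$dir/random-seed"   # stand-in for the saved seed file
    src="$dir/pool.fifo"      # stand-in for /dev/urandom that we can stall
    mkfifo "$src"

    # Existing seed from the "previous boot" (constructed sample data).
    dd if=/dev/zero of="$seed" bs=4096 count=1 2>/dev/null

    # Start the save. dd blocks opening the FIFO until a writer appears.
    dd if="$src" of="$seed" bs=4096 count=1 $conv_opt 2>/dev/null &
    dd_pid=$!

    # Become the writer but send nothing yet: dd now opens the output file
    # and then stalls in read(). This is the window the comment describes.
    exec 3>"$src"

    # Give dd up to 2 seconds to open (and possibly truncate) the output.
    tries=0
    observed=$(($(wc -c < "$seed")))
    while [ "$observed" -ne 0 ] && [ "$tries" -lt 2 ]; do
        sleep 1
        tries=$((tries + 1))
        observed=$(($(wc -c < "$seed")))
    done

    # Let the save finish, then clean up.
    dd if=/dev/zero bs=4096 count=1 2>/dev/null >&3
    exec 3>&-
    wait "$dd_pid"
    rm -rf "$dir"
    echo "$observed"
}

echo "default dd:   $(size_during_save '') bytes on disk mid-save"
echo "conv=notrunc: $(size_during_save conv=notrunc) bytes on disk mid-save"
```

With the default behaviour the old seed is already gone from disk while dd waits for input; with conv=notrunc the previous contents remain in place until they are overwritten.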