Red Hat Bugzilla – Full Text Bug Listing
|Summary:||Improve bash $RANDOM pseudo RNG|
|Product:||[Fedora] Fedora||Reporter:||Tomas Mraz <tmraz>|
|Component:||bash||Assignee:||Pete Graner <pgraner>|
|Status:||CLOSED ERRATA||QA Contact:||Ben Levenson <benl>|
|Fixed In Version:||3.2-19.fc7||Doc Type:||Enhancement|
|Doc Text:||Story Points:||---|
|Last Closed:||2008-01-11 17:04:39 EST||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Bug Depends On:|
Description Tomas Mraz 2007-04-02 15:43:51 EDT
Description of problem: The bash $RANDOM pseudo RNG is very weak and seeded with just PID and time. It should at least use glibc's random() implementation which has better properties. Or some other pseudo RNG with better cryptographic properties. Also the default seed should be from /dev/urandom or at least using gettimeofday if /dev/urandom is not available. If you agree with the above I'll provide a patch.
Comment 1 Steve Grubb 2007-04-02 17:01:34 EDT
All other shells properly seed the random number generator. I tested ksh, tcsh, and zsh. They all have better random number generators than bash. This patch should get into RHEL5/4 at some point.
Comment 2 Tomas Mraz 2007-04-05 06:03:22 EDT
Created attachment 151746 [details] Proposed patch The patch uses glibc random number generator instead of the builtin and adds support for seeding the rng from /dev/urandom.
Comment 3 Steve Grubb 2007-04-05 09:13:46 EDT
Reviewed patch. Looks OK to me. Assuming this patch looks good to others, we should clone the bug for RHEL5.1 & RHEL4.6.
Comment 4 Tim Waugh 2007-04-05 09:30:28 EDT
Patch looks good to me.
Comment 5 Tomas Mraz 2007-04-05 10:30:30 EDT
Will you push it upstream Tim?
Comment 6 Steve Grubb 2007-06-11 08:49:53 EDT
Hi...what's the status on this? rawhide does not appear to have a good random number generator nor does FC6 or 7. Thanks.
Comment 7 Tim Waugh 2007-06-11 08:56:12 EDT
Haven't had time to look at this yet. I've marked it as an F8 target.
Comment 8 Pete Graner 2007-08-15 13:50:55 EDT
Patch appears to work, test packages are here: https://koji.fedoraproject.org/packages/bash/3.2/13.fc8/
Comment 9 Steve Grubb 2007-08-19 08:31:45 EDT
Tomas, I was looking over the patch after seeing AVC's for all kinds of programs. I think we can improve the patch by doing a lazy init of RANDOM. This will improve performance since now every shell script has to open /dev/urandom and read from it , reduce the number of AVC's to the programs that really need access to /dev/uranmdom, and help preserve the entropy by not using it when not needed.
Comment 10 Tomas Mraz 2007-08-20 10:48:09 EDT
Created attachment 161886 [details] Improved patch This improved patch initializes the bash random number generator only on demand - that is when you'll ask for $RANDOM. The patch also fixes another bug in the bash rng code - the rng was not reinitialized in deeper subshells so this command: (echo $RANDOM ; (echo $RANDOM ; echo $RANDOM) ; (echo $RANDOM ; echo $RANDOM) ; (echo $RANDOM ; echo $RANDOM)) returned values like: A B C B C B C although they all should be random values instead.
Comment 11 Steve Grubb 2007-08-22 14:59:42 EDT
This patch tests good. We should apply this patch to bash and respin.
Comment 12 Pete Graner 2007-08-22 19:08:20 EDT
I built this on 2007-08-20 12:21:11 but we have not had a rawhide push in a few days :-( you can find the pkg here until then: https://koji.fedoraproject.org/packages/bash/3.2/15.fc8/ Putting in MODIFIED I'll move to CLOSED RAWHIDE once we actually have a new push.
Comment 13 Pete Graner 2007-08-28 16:18:42 EDT
Looks good. Closing.
Comment 14 Fedora Update System 2007-11-28 20:32:45 EST
bash-3.2-19.fc7 has been pushed to the Fedora 7 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update bash'
Comment 15 Fedora Update System 2008-01-11 17:04:31 EST
bash-3.2-19.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.