Bug 31521 - /etc/rc.d/init/random generator's state gets deleted on startup
Summary: /etc/rc.d/init/random generator's state gets deleted on startup
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: initscripts   
(Show other bugs)
Version: 7.0
Hardware: i386 Linux
Target Milestone: ---
Assignee: Bill Nottingham
QA Contact: David Lawrence
Keywords: Security
Depends On:
TreeView+ depends on / blocked
Reported: 2001-03-12 17:08 UTC by Martin Purschke
Modified: 2014-03-17 02:19 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-03-12 17:08:40 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Martin Purschke 2001-03-12 17:08:36 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.72 [en] (X11; U; Linux 2.2.16 i686)

In /etc/rc.d/init/random we preserve the status of the builtin random
generator on shutdown:

	# Carry a random seed from shut-down to start-up
	# Save 512 bytes, which is the size of the entropy pool
	touch $random_seed
	chmod 600 $random_seed
	action "Saving random seed" dd if=/dev/urandom of=$random_seed count=1
bs=512 2>/dev/null

but on the subsequent startup, we delete the /var/run/random-seed file in

# Clean up /var
# I'd use find, but /usr may not be mounted.
for afile in /var/lock/* /var/run/*; do
   if [ -d "$afile" ]; then
      [ "`basename $afile`" != "news" -a "`basename $afile`" != "sudo" ] &&
rm -f $afile/*
      rm -f $afile

We could add to rc.sysinit to leave that file alone, but it would be
cleaner to save the random state in a different directory that doesn't get
cleaned out.

Reproducible: Always
Steps to Reproduce:
1. just look at it - in the random start) section we always just create the
file from scratch, because it has been deleted just before.

This bug might open a potential security hole with generated keys using
that random generator. It severely cuts down on the phase space for the
seed value, and makes things like ssh keys easier to break. In the best of
circumstances, the 512 bytes are filled with random bits at power up, but
if the BIOS runs a memory test at power-on, it might be much more
predictable, depending on the hardware and setup. 

It's in 6.x, and 7.x distributions alike.

Comment 1 Bill Nottingham 2001-03-12 17:17:59 UTC
Will be fixed in 5.76-1; I changed it to write it to /var/lib.

Note You need to log in before you can comment on or make changes to this bug.