[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SECURITY: Patch for broken rc.sysinit in Mandrake 8.2

Le Dimanche 7 Avril 2002 19:47, Jari Ruusu a écrit :
>
> Not directly related to Mandrake init scripts, but next version of loop-AES
> will setup encrypted swap _without_ changes to init scripts. All user needs
> to do is to add "loop=/dev/loop?" and "encryption=AES128" options to swap
> lines in /etc/fstab and "swapon -a" and "swapoff -a" will take care of all
> encrypted swap setup work.

That's great :-)

> I have attached new util-linux patches if someone wants to try them.

I haven't got enough time now for recompiling util-linux and test this 
(sorry), and my primary goal was just to fix the broken rc.sysinit that comes 
with Mandrake 8.2

But I've read part of your code, and I took an improvement to my existing 
patched rc.sysinit from it:

As the system entropy pool may not contain enough entropy at an early step in 
the system statup, to allow "mcookie" to deliver a good quality random 
"passphrase", I inspired myself with what you do in your code:

I seeded mcookie using the 40 first KB of the previous encrypted swap, before 
overwriting them with 40 KB of zeroes encrypted with the new random session 
key.

Adding this to the random bytes that mcookie takes from /dev/urandom (or 
/dev/random) and its other pseudo-random sources will very probably improve 
the randomness of resulting session keys.

Please find attached a new patch to rc.sysinit, which should be applied AFTER 
the patch that I sent yesterday.

I believe that this results both in a working ;-) and quite secure swap 
encryption in Mandrake 8.2.

Cheers.

-- 
Michel Bouissou <michel@bouissou.net> OpenPGP ID 0x5C2BEE8F


--- rc.sysinit.patch.MiB.1	Mon Apr  8 10:02:37 2002
+++ rc.sysinit	Mon Apr  8 10:30:27 2002
@@ -1112,7 +1112,7 @@
 rm -f /tmp/.s.PGSQL.*
 
 #Detect and create/activate encrypted swap
-#Changed by Michel Bouissou on 2002/04/07
+#Changed by Michel Bouissou on 2002/04/08
 if [[ -n $encrypted_swap ]];then
     loop=NONE
     action "Testing insertion of loop module" modprobe loop
@@ -1136,8 +1136,10 @@
             done
 	    if [ $loop != NONE ]; then
                 swapoff $swdev > /dev/null 2>&1
-                mcookie | losetup -p 0 -e AES128 $loop $swdev > /dev/null 2>&1
+		dd if=$swdev bs=1024 count=40 2>/dev/null |\
+                mcookie -f /dev/stdin | losetup -p 0 -e AES128 $loop $swdev > /dev/null 2>&1
                 if [ $? == 0 ]; then
+                    dd if=/dev/zero of=$loop bs=1024 count=40 > /dev/null 2>&1
                     action "Creating encrypted swap space on %s:" $loop mkswap $loop
                     if [ $? == 0 ]; then
                        action "Activating swap on %s:" $loop swapon -p 0 $loop