Re: maradns reproducibility fixes and the merits of picking a random num

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: maradns reproducibility fixes and the merits of picking a random num

From:	Brian Cully
Subject:	Re: maradns reproducibility fixes and the merits of picking a random number
Date:	Tue, 07 Jun 2022 08:11:54 -0400
User-agent:	mu4e 1.6.10; emacs 28.1

The upstream website says: "People like MaraDNS because it’s ...
remarkably secure." [1] Since many distributions have the sameissue,upstream could perhaps offer the patch as a build switch toenable a
build-time seed only when needed.
Sounds like the safest option. Maybe we could change the codethat uses that number to naise an exception or abort?

This seems like the best option to me, as well: either add a flagto explicitly enable embedding a constant, or remove the codeentirely and replace it with a build failure (or runtime failure,if a build failure is not possible). It seems like a mis-featureto me to embed a constant seed, and invites silentmisconfiguration which will lead to security breaches.


-bjc

[Prev in Thread]

Current Thread

[Next in Thread]

maradns reproducibility fixes and the merits of picking a random number, Vagrant Cascadian, 2022/06/06
- Re: maradns reproducibility fixes and the merits of picking a random number, Felix Lechner, 2022/06/06
  - Re: maradns reproducibility fixes and the merits of picking a random number, Julien Lepiller, 2022/06/07
    - Re: maradns reproducibility fixes and the merits of picking a random number, Brian Cully <=
    - Re: maradns reproducibility fixes and the merits of picking a random number, Efraim Flashner, 2022/06/08
    - Re: maradns reproducibility fixes and the merits of picking a random number, Tobias Geerinckx-Rice, 2022/06/08
    - Re: maradns reproducibility fixes and the merits of picking a random number, Efraim Flashner, 2022/06/08
    - Re: maradns reproducibility fixes and the merits of picking a random number, Vagrant Cascadian, 2022/06/08
    - Re: maradns reproducibility fixes and the merits of picking a random number, Vagrant Cascadian, 2022/06/22
    - Re: maradns reproducibility fixes and the merits of picking a random number, Vagrant Cascadian, 2022/06/27
    - Re: maradns reproducibility fixes and the merits of picking a random number, Efraim Flashner, 2022/06/28
    - Re: maradns reproducibility fixes and the merits of picking a random number, Jack Hill, 2022/06/28
    - Re: maradns reproducibility fixes and the merits of picking a random number, Tobias Geerinckx-Rice, 2022/06/28
    - Re: maradns reproducibility fixes and the merits of picking a random number, Gábor Boskovits, 2022/06/28

Prev by Date: Re: On commit access, patch review, and remaining healthy
Next by Date: Re: On commit access, patch review, and remaining healthy
Previous by thread: Re: maradns reproducibility fixes and the merits of picking a random number
Next by thread: Re: maradns reproducibility fixes and the merits of picking a random number
Index(es):
- Date
- Thread