[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: maradns reproducibility fixes and the merits of picking a random num

From: Efraim Flashner
Subject: Re: maradns reproducibility fixes and the merits of picking a random number
Date: Wed, 8 Jun 2022 14:48:19 +0300

On Tue, Jun 07, 2022 at 08:11:54AM -0400, Brian Cully via Development of GNU 
Guix and the GNU System distribution. wrote:
> > > The upstream website says: "People like MaraDNS because it’s ...
> > > remarkably secure." [1] Since many distributions have the same
> > > issue,
> > > upstream could perhaps offer the patch as a build switch to enable a
> > > build-time seed only when needed.
> > 
> > Sounds like the safest option. Maybe we could change the code that uses
> > that number to naise an exception or abort?
> This seems like the best option to me, as well: either add a flag to
> explicitly enable embedding a constant, or remove the code entirely and
> replace it with a build failure (or runtime failure, if a build failure is
> not possible). It seems like a mis-feature to me to embed a constant seed,
> and invites silent misconfiguration which will lead to security breaches.
> -bjc

I like the idea of forcing the program to segfault if it looks for
/dev/urandom and it isn't there more than distributing a randomized
prime number.

Efraim Flashner   <>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]