robert at linuxfromscratch.org
Sun Oct 19 16:22:15 PDT 2008
I was just looking at the loop-aes patch for util-linux-ng and realized that
swapon uses /dev/urandom to make a random key for encrypted swap (it also
uses a SHA-512 of old swap data). When swap is activated during boot there
hasn't been much to seed the kernel entropy pool, so /dev/urandom is a bit
predictable. I have some ideas on making this better:
BLFS-bootscripts have S25random reseeding /dev/random fairly late. Ideally it
should go in after udev, and before swap, and perhaps load other boot scripts
before activating swap.
If an rngd is added to the random boot script, then loop-aes's swapon.c can
use /dev/random instead of urandom. The old random-seed should get dumped
after rngd is started, not before, to allow rngd to fill the watermark before
random-seed stirs the pool. If rngd is installed and works, then the loop-aes
patch can be modified to use /dev/random exclusively (no hash of old swap),
and cause swapon to abort otherwise (it currently does not exit
if /dev/urandom doesn't exist, just gives a warning).
Also, I think we talked about adding loop-aes to hlfs a long time ago, and it
was voted against because its a physical security thing... but with swap it's
not. If someone has read access to the swap device (someone in the 'disc'
group), they could find sensitive information. GnuPG can be configured not to
use swap, but GnuPG is not the only package that handles passwords or private
files. Can we vote again? Alternatively, the swap device could be configured
in udev to have no permissions (ugo-rwx) and owned by 'swap'... or both
encrypted swap and no permissions on the device (I like this idea best).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 197 bytes
Desc: not available
More information about the hlfs-dev