From: Andy Moreton
Newsgroups: gmane.emacs.bugs
Subject: bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems
Date: Tue, 19 Jan 2016 21:48:58 +0000
Message-ID: <86mvs1fdf9.fsf@gmail.com>
In-Reply-To: <87h9jg5ay2.fsf@gmail.com>
References: <569BF8F7.3090904@cs.ucla.edu> <83fuxuevs2.fsf@gnu.org> <569D5004.5080701@cs.ucla.edu> <83h9iad26y.fsf@gnu.org> <569DCAD4.30606@cs.ucla.edu> <83y4blbkrj.fsf@gnu.org>
To: 22202@debbugs.gnu.org
On Tue 19 Jan 2016, John Wiegley wrote:

>>>>>> Eli Zaretskii writes:
>
>> We have what we need; calling gnutls_rnd changes nothing in this regard.
>> It's just a more complex way of issuing the same system calls. It buys us
>> nothing in terms of security and performance, while we sustain the price of
>> having core functionality that must run at startup crucially depending on a
>> 3rd party library we don't control.
>
>> John, I feel this decision is wrong and the changes that prefer gnutls_rnd
>> should be reverted. Maybe I'm the only one who cares, but then Paul is the
>> only one who felt the need to make that change. I'd like to hear your take
>> on this, please.
>
> From what I've read, I agree with you Eli. If we can open /dev/urandom, why do
> we need a dependency on GnuTLS to effectively do the same thing?
>
> What critical feature is GnuTLS buying for us that would make this worthwhile,
> Paul?

As far as I can see, this set of patches attempted to fix a minor problem, but in doing so:

- added unnecessary dependencies on gnutls libraries
- broke the Windows builds (which use runtime linking for gnutls)
- broke all builds configured with "--without-gnutls"

I am happy for the original issue to be addressed, but only if all of the issues listed above are addressed. In particular, it must remain possible to build on a system that does not have gnutls headers and libraries installed, or to disable gnutls support even if the headers and libraries are present.

    AndyM
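The thread above weighs reading the kernel CSPRNG directly against going through gnutls_rnd for the server's authentication key. The following C is an added example written for this page; it is not Emacs code and not code posted by any participant in the thread. It shows the direct /dev/urandom approach with the checks that matter for a key: exact-length reads (short reads and EINTR retried), hard failure when the device cannot be read (no silent fallback to a time-seeded PRNG, which is the weakness the bug title refers to), and wiping of raw key material. The function names secure_random_bytes, hex_encode and make_auth_key are hypothetical, as is the 32-byte key size.

```c
/* Added example, not Emacs's own code: fill a server authentication key
   from the kernel CSPRNG via /dev/urandom. The names secure_random_bytes,
   hex_encode, make_auth_key and AUTH_KEY_BYTES are hypothetical. */
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define AUTH_KEY_BYTES 32   /* assumed key size for this example */

/* Read exactly n bytes from /dev/urandom into buf.
   Returns 0 on success, -1 on any failure. Partial reads and EINTR are
   retried; EOF or any other error is fatal. Deliberately never substitutes
   rand()/time()-seeded output when the device is unavailable. */
int secure_random_bytes(unsigned char *buf, size_t n)
{
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0)
        return -1;
    size_t got = 0;
    while (got < n) {
        ssize_t r = read(fd, buf + got, n - got);
        if (r < 0) {
            if (errno == EINTR)
                continue;           /* interrupted by a signal: retry */
            close(fd);
            return -1;
        }
        if (r == 0) {               /* EOF from /dev/urandom: treat as failure */
            close(fd);
            return -1;
        }
        got += (size_t)r;
    }
    close(fd);
    return 0;
}

/* Encode n raw bytes as lowercase hex, the printable form one would write
   into an auth file. out must have room for 2*n + 1 bytes. */
void hex_encode(const unsigned char *in, size_t n, char *out)
{
    static const char digits[] = "0123456789abcdef";
    for (size_t i = 0; i < n; i++) {
        out[2 * i]     = digits[in[i] >> 4];
        out[2 * i + 1] = digits[in[i] & 0x0f];
    }
    out[2 * n] = '\0';
}

/* Produce a printable AUTH_KEY_BYTES-byte key. Returns 0 on success and -1
   if the CSPRNG could not be read; a caller that gets -1 should refuse to
   start the server rather than use a weaker key. */
int make_auth_key(char out[2 * AUTH_KEY_BYTES + 1])
{
    unsigned char raw[AUTH_KEY_BYTES];
    if (secure_random_bytes(raw, sizeof raw) != 0)
        return -1;
    hex_encode(raw, sizeof raw, out);
    memset(raw, 0, sizeof raw);     /* do not leave raw key bytes on the stack */
    return 0;
}

int main(void)
{
    char key[2 * AUTH_KEY_BYTES + 1];
    if (make_auth_key(key) != 0) {
        fprintf(stderr, "cannot read /dev/urandom: refusing to generate a key\n");
        return 1;
    }
    printf("%s\n", key);
    return 0;
}
```

The design point is the failure path: every error in secure_random_bytes propagates up to make_auth_key, which returns -1 rather than producing a key at all. On a platform without /dev/urandom (the Windows case in the bug title) that path is exactly where a platform-specific CSPRNG call belongs; what must not go there is a fallback to a predictable generator.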