unofficial mirror of bug-gnu-emacs@gnu.org 
From: Richard Copley <rcopley@gmail.com>
To: Eli Zaretskii <eliz@gnu.org>,
	Demetri Obenour <demetriobenour@gmail.com>,
	22202@debbugs.gnu.org
Subject: bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems
Date: Tue, 29 Dec 2015 15:36:12 +0000	[thread overview]
Message-ID: <CAPM58ojkc5zNp3TOwsTGtXV+FSkmFRZ+PdhW2w=mLdrgsNuZsQ@mail.gmail.com> (raw)
In-Reply-To: <87h9jg5ay2.fsf@gmail.com>

> Please provide the necessary details for reproducing this problem and
> verifying the solution.  What I'm missing:
>
> > 1. Be logged into the same Windows computer as someone else.
>
> How do you do that?  I understand you are describing a situation where
> 2 users are logged into the same Windows system simultaneously using
> the same credentials, is that true?  If so, how to create such a
> situation?

I don't think that is possible; however, two /different/ accounts can
be logged in to a computer at the same time, via Remote Desktop or
Fast User Switching. (If the computer is a Remote Desktop server then
two users can be simultaneously interacting with their desktops, in
separate sessions. That's not at all uncommon in a business
environment, but I don't think it's relevant to this question.)

> > 2. Have a process running that is notified whenever a process starts up
> > 3. Have them run `emacs --daemon' or invoke `server-start'.
> > 4. Use the knowledge of the current time and the server's PID to guess
> >    the authentication key.
>
> I don't think we use the current time and PID for that, but even if we
> do, how do you get a hold of the time at the moment of the server
> creation to nanosecond resolution?  Please tell how to do that.

We use function "random" (see function "server-generate-key"); its
seed is typically set at startup using the current time and PID (see
"init_random()" in sysdep.c), so it's the time Emacs started that you
would want to know, not the time the server started. You can get the
start time (to the nearest second at least) and PID of any user's
processes using, e.g., Process Explorer.

I'm not sure what resolution timestamp we end up using as the seed.
gettime() might return microsecond timestamps in certain configurations.

I can't speak for Demetri but it seems to me he's imagining an attacker
who is prepared to use a certain amount of brute force. Knowing or
guessing the Emacs start time within a few seconds would reduce the
search space.
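To make the risk Richard describes concrete, here is an added example (not code from the thread or from Emacs) that contrasts a simplified model of a key generator seeded from process start time and PID with one drawn from the OS CSPRNG, and computes the bound on the seed search space. The 64-character key length and the 94-character printable alphabet are assumptions for the model, not a statement of what Emacs does.

```python
import math
import random
import secrets

# Constructed model parameters (assumed, not taken from Emacs's server.el):
# an assumed 64-character key drawn from printable ASCII "!" .. "~" (94 symbols).
KEY_LEN = 64
ALPHABET = [chr(c) for c in range(0x21, 0x7F)]


def weak_key(start_time: int, pid: int) -> str:
    """Key from a PRNG seeded only with process start time and PID.

    The seed is fully determined by two attributes that other users on the
    same machine can observe (e.g. in a process viewer), so the key is
    reproducible by anyone who learns or narrows down those two values.
    """
    rng = random.Random((start_time << 32) ^ pid)   # deterministic seed
    return "".join(rng.choice(ALPHABET) for _ in range(KEY_LEN))


def strong_key() -> str:
    """Key from the OS CSPRNG (BCryptGenRandom on Windows, /dev/urandom
    elsewhere); no observable process attribute predicts its output."""
    return "".join(secrets.choice(ALPHABET) for _ in range(KEY_LEN))


def seed_space_bits(time_window_s: int, ticks_per_s: int, pid_count: int) -> float:
    """Upper bound, in bits, on the seed space an observer must cover once the
    start time is known to within time_window_s seconds at ticks_per_s
    resolution and the PID is known to be one of pid_count values."""
    return math.log2(time_window_s * ticks_per_s * pid_count)


def key_space_bits() -> float:
    """Entropy of a key whose every character is chosen independently,
    which is what strong_key() actually provides."""
    return KEY_LEN * math.log2(len(ALPHABET))


if __name__ == "__main__":
    # Constructed sample values: an epoch start time and a PID.
    print("weak  :", weak_key(1451403372, 1234))
    print("strong:", strong_key())
    # Start time known to the second, PID known exactly -> 0 bits of work.
    print("seed space (1 s window, 1 tick/s, 1 PID):", seed_space_bits(1, 1, 1))
    # Start time known within 4 s at microsecond resolution, PID anywhere in 2^16.
    print("seed space (4 s, 1e6 ticks/s, 65536 PIDs):", seed_space_bits(4, 10**6, 65536))
    print("full key space:", key_space_bits())
```

The point of the two `seed_space_bits` calls is that even microsecond timestamps and an unknown PID leave well under 40 bits of seed to cover, against over 400 bits for the CSPRNG-backed key.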
