From: Eli Zaretskii
Newsgroups: gmane.emacs.bugs
Subject: bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems
Date: Thu, 31 Dec 2015 20:22:58 +0200
Message-ID: <838u4abhq5.fsf@gnu.org>
References: <83lh8ddy45.fsf@gnu.org> <8760zh81oo.fsf@isaac.fritz.box> <83mvssc4ix.fsf@gnu.org> <1451581478.15612.5.camel@gmail.com> <83bn96bkez.fsf@gnu.org>
To: Richard Copley
Cc: 22202@debbugs.gnu.org, demetriobenour@gmail.com, deng@randomsample.de
In-reply-to: (message from Richard Copley on Thu, 31 Dec 2015 17:47:18 +0000)
X-GNU-PR-Message: followup 22202
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: security

> From: Richard Copley
> Date: Thu, 31 Dec 2015 17:47:18 +0000
> Cc: Demetrios Obenour, David Engster,
>  22202@debbugs.gnu.org
>
> That last patch would still improve matters. The user would have
> to be publishing the output of their PRNG to begin with in order
> for the attacker to analyse it and guess the seed. (I don't know
> how one could do that but that's no proof that it's impossible.)

I don't even understand how that could be possible.

> What Demetri has just described is what I would do.

Now I'm confused: do what? We still need to support 'random' with an
argument, so we cannot get rid of seeding a PRNG with a known value.
And I didn't want to remove srandom.

> + if (w32_crypto_hprov)
> + w32_init_crypt_random ();
>
> should be
>
> + if (! w32_crypto_hprov)
> + w32_init_crypt_random ();

Ah, that's a left-over from debugging. Thanks.
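
Review bot: the corrected guard, `if (! w32_crypto_hprov)` followed by `w32_init_crypt_random ();`, discards whatever the initialization reports, and nothing in the quoted lines re-checks `w32_crypto_hprov` afterwards. Whatever follows should test the handle again (or the function's result) and take an explicit fallback or error path when no provider was acquired, rather than assume it is set. The original form, `if (w32_crypto_hprov)`, initialized only when a provider already existed, so a test that exercises the first call with the handle still unset would catch this kind of inversion.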