From: Akira Tanaka <akr@...>
Date: 2011-06-13T01:11:26+09:00
Subject: [ruby-core:37064] [Ruby 1.9 - Bug #4579] SecureRandom + OpenSSL may repeat with fork


Issue #4579 has been updated by Akira Tanaka.

File securerandom-openssl-pid-recycle.patch added

Hm.

I don't like pthread_atfork because the hook is run even if we don't need random functions in the child process.
(Remember that only async-signal-safe functions are safe in a forked child process.)

We should delay modifying PRNG state until we really need it.

securerandom-openssl-pid-recycle.patch does it.
It should work until we have a very fast machine on which a pid is recycled within a nanosecond.

----------------------------------------
Bug #4579: SecureRandom + OpenSSL may repeat with fork
http://redmine.ruby-lang.org/issues/4579

Author: Eric Wong
Status: Assigned
Priority: Normal
Assignee: Akira Tanaka
Category: lib
Target version: 1.9.x
ruby -v: -


=begin
This could arguably be a bug in OpenSSL or the openssl extension, but
I think it's easier to fix in Ruby right now.

The PRNG in OpenSSL uses the PID to seed the PRNG.  Since PIDs get
recycled over time on Unix systems, this means independent processes
over a long time span will repeat random byte sequences.  This has
security implications, but fortunately very little software forks
very frequently.  I am not a security expert.

I am using OpenSSL 0.9.8g-15+lenny11 (Debian Lenny)

Attached is a script that reproduces the issue (takes a while to run).
It'll output two identical lines to illustrate the issue.

=end



-- 
http://redmine.ruby-lang.org
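
An added illustration of the lazy approach described in the message above. It is not the attached patch and not Ruby's or OpenSSL's code. ToyPool, LazyReseed and child_output are hypothetical names, the pool is a SHA-256 toy model of a PRNG whose output depends only on inherited state and PID, and the PIDs and times are injected so that a recycled PID can be simulated without forking.

```ruby
require 'digest'

# Toy stand-in for a process-wide PRNG pool: output depends only on the
# inherited state and the PID, as the report describes. This is not OpenSSL.
class ToyPool
  def initialize(seed)
    @state = Digest::SHA256.digest(seed)
  end

  def mix(data)
    @state = Digest::SHA256.digest(@state + data)
  end

  def bytes(n, pid) # n <= 32 in this toy; returns hex text
    @state = Digest::SHA256.digest(@state + pid.to_s)
    Digest::SHA256.hexdigest('out' + @state)[0, n * 2]
  end
end

# Lazy fork guard: nothing runs at fork time. The pool is modified only on
# the first request made under a PID that differs from the last one seen.
class LazyReseed
  attr_reader :reseeds

  def initialize(pool, seen_pid:, pid_fn: -> { Process.pid }, clock: -> { Time.now })
    @pool, @seen_pid, @pid_fn, @clock = pool, seen_pid, pid_fn, clock
    @reseeds = 0
  end

  def random_bytes(n)
    pid = @pid_fn.call
    if pid != @seen_pid
      now = @clock.call
      # Time plus old and new PID separate two children that share a PID.
      @pool.mix([now.to_i, now.nsec, @seen_pid, pid].join(','))
      @seen_pid = pid
      @reseeds += 1
    end
    @pool.bytes(n, pid)
  end
end

# Model one forked child: it starts from a copy of the parent's pool state.
# parent_pid is a constructed value standing for the PID the guard last saw.
def child_output(parent_pool, pid:, at:, guarded:, parent_pid: 1)
  pool = parent_pool.dup
  return pool.bytes(16, pid) unless guarded
  LazyReseed.new(pool, seen_pid: parent_pid, pid_fn: -> { pid }, clock: -> { at }).random_bytes(16)
end
```

In this model two unguarded children that reuse a PID return the same bytes, while guarded children differ unless both the PID and the nanosecond timestamp coincide, which is the limit the message notes.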