This appears to no longer be a problem in Ubuntu 14.04 or at least I
have not been able to replicate it in the same way. This is still a
problem for 12.04 however.
** Changed in: linux (Ubuntu)
Status: Expired = Fix Released
--
You received this bug notification because you are a member
[Expired for linux (Ubuntu) because there has been no activity for 60
days.]
** Changed in: linux (Ubuntu)
Status: Incomplete = Expired
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/575669
** Changed in: linux (Ubuntu)
Status: Invalid = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/575669
Title:
Rapid depletion of entropy pool
To manage notifications about this bug
Christopher,
Can you explain how the commit you linked to resolves this issue? The
commit seems to place process permissions checks on /proc/pid/stat and
/proc/pid/wchan. I do not see how this affects the available entropy
unless entropy is being depleted by unauthorized processes accessing
those
agent 8131, pending the test you noted you would perform in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/575669/comments/7
and subsequent apport-collect.
** Changed in: linux (Ubuntu)
Status: Confirmed = Incomplete
--
You received this bug notification because you are a member of
Christopher,
You did not address my previous question as to why that patch would
resolve this issue.
Am I correct in assuming that you are requesting that I reproduce these
conditions in the unreleased 14.04? It should be noted, if not reflected
in the bug status, that this is still a confirmed
agent8131, the patch you requested (
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/575669/comments/4 ) is
currently available in Trusty:
http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-trusty.git;a=commit;h=f83ce3e6b02d5e48b3a43b001390e2b58820389d
If this doesn't work out for you, please
I've come across another solution that this would be useful. In the
testing of filesystems with compression enabled (zfs, btrfs). Trying to
figure out raw write speeds using /dev/zero is meaningless because the
data is highly compressed. Using /dev/urandom is too slow (~ 6MB/s).
Based on this
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Changed in: glibc (Ubuntu)
Status: New = Confirmed
** Changed in: glibc (Ubuntu)
Importance: Undecided = Wishlist
** Package changed: glibc (Ubuntu) = linux (Ubuntu)
** Changed in: linux
And here, noticed on Gentoo a couple of months ago:
http://www.gossamer-threads.com/lists/gentoo/hardened/208081
--
Rapid depletion of entropy pool
https://bugs.launchpad.net/bugs/575669
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
AT_RANDOM is used by default in the Linux kernel since 2.6.29:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=f06295b44c296c8fb08823a3118468ae343b60f2
Almost all modern Linux systems use ASLR and stack protections that need
a small amount of entropy per process.
independently of ASLR, it would still be nice if the kernel provided a
'strong' but fast PRNG device that one could for example use to sanitize
a harddrive at raw write speeds, something that isn't possible with
/dev/urandom for example. if such a PRNG existed it could then of course
be used for
12 matches
Mail list logo
