Tags Tags

Bug#660585: nagios-nrpe-server: again use secure RNG

February 19th, 2012 - 09:00 pm ET by Christoph Anton Mitterer | Report spam
Help Create a new topic
Package: nagios-nrpe-server
Version: 2.12-5
Severity: important
Tags: security


Hi.

I've been just shocked when I went through the patches and saw that one removes
the usage of /dev/urandom and replaces it by some week seed.

I mean ok, SSL in the Nagios version of NRPE is completely broken anyway...

But why're you doing this? Sorry for making noise, but it seems just pointless?!
This remembers so strong to Debian's OpenSSL patching around catastrophy.


Even though SSL is useless anyway right now, if there's no good reason for it,
please drop this patch.


Cheers,
Chris.



To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
email Follow the discussionReplies 3 repliesReplies Make a reply

Similar topics

Replies

#1 Nico Golde
February 20th, 2012 - 06:10 am ET | Report spam

Hi,
* Christoph Anton Mitterer [2012-02-20 10:05]:
I've been just shocked when I went through the patches and saw that one removes
the usage of /dev/urandom and replaces it by some week seed.



I'm not sure if I can agree with you here. The fact that before the patch the
code was using urandom doesn't necessarily make it more secure. Actually
looking at the patch, the code was using a one character seed (0..255) as a
random seed before. Please see
http://bugs.debian.org/cgi-bin/bugr...bug=333552

Kind regards
Nico
Nico Golde - http://www.ngolde.de - - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.






To UNSUBSCRIBE, email to
with a subject of "unsubscribe". Trouble? Contact
Replies Reply to this message
#2 Alexander Wirt
February 20th, 2012 - 07:40 am ET | Report spam
Christoph Anton Mitterer schrieb am Monday, den 20. February 2012:

On Mon, 2012-02-20 at 11:58 +0100, Nico Golde wrote:
> I'm not sure if I can agree with you here. The fact that before the patch the
> code was using urandom doesn't necessarily make it more secure. Actually
> looking at the patch, the code was using a one character seed (0..255) as a
> random seed before. Please see
> http://bugs.debian.org/cgi-bin/bugr...i?bug33552

Well...
a) SSL is broken in NRPE anyway... so I rather consider this at the
moment a "conceptual" issue than a technical.

b) I doubt that a (probably predictable - that may be even a multi-user
system) number made out of PID/PPID/date is more secure than a (for the
real world) quite secure /dev/urandom .

c) I'm not an in-dept crypto expert, but if that 8 bit of entropy are
not enough for SSLs initial PRNG seed, than a patch that reads just a
bit more would have been the obvious; right?

d) The argument in that bug is imho not very strong,...
draining /dev/urandom by reading just one byte is difficult (of course
if you have thousands of concurrent NRPEs things look different).
But I guess the right solution would have been to just disable the
broken ssl support per default?
To the uneducated user it gives just a wrong sense of security, while in
reality it helps nothing at all and costs just performance.

Anyway,... to some extent this strongly remembers me to the OpenSSL
debacle...

Cheers,
Chris.

btw: To the Nagios maintainers,... I know I've opened several bugs
recently, some of which you closed/wontfix already,.. hope you don't
consider this as getting on your nerves; my intention is just to imrove
the packages :)


in fact you do. You are telling us mostly known things or just nonsense.

Alex




To UNSUBSCRIBE, email to
with a subject of "unsubscribe". Trouble? Contact
Replies Reply to this message
#3 Nico Golde
February 20th, 2012 - 10:00 am ET | Report spam

Hi,
* Christoph Anton Mitterer [2012-02-20 13:13]:
On Mon, 2012-02-20 at 11:58 +0100, Nico Golde wrote:
> I'm not sure if I can agree with you here. The fact that before the patch the
> code was using urandom doesn't necessarily make it more secure. Actually
> looking at the patch, the code was using a one character seed (0..255) as a
> random seed before. Please see
> http://bugs.debian.org/cgi-bin/bugr...bug=333552

Well...
a) SSL is broken in NRPE anyway... so I rather consider this at the
moment a "conceptual" issue than a technical.

b) I doubt that a (probably predictable - that may be even a multi-user
system) number made out of PID/PPID/date is more secure than a (for the
real world) quite secure /dev/urandom .



I'm not arguing with you about what is more secure and what not. Fact is both
solutions are not secure from a crypto perspective and there was a reason
(which I can't judge in practice) to change the behaviour. Comparing this to
the "openssl debacle" is ridiculous if you ask me and will likely piss people
off.

Cheers
Nico
Nico Golde - http://www.ngolde.de - - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.






To UNSUBSCRIBE, email to
with a subject of "unsubscribe". Trouble? Contact
email Follow the discussion Replies Reply to this message
Help Create a new topicReplies Make a reply
Search Make your own search