ConsoleKit, PolicyKit, HAL, XDG_SESSION_COOKIE
Lennart Poettering
mzqohf at 0pointer.de
Sat Aug 7 11:48:00 PDT 2010
On Wed, 28.07.10 09:47, David Zeuthen (zeuthen at gmail.com) wrote:
>
> Hi,
>
> On Wed, Jul 28, 2010 at 6:00 AM, Lennart Poettering <mzqohf at 0pointer.de> wrote:
> > The only real criticism I had was about the fact that the alg that is
> > used to generate the cookie outputs guessable values.
>
> FWIW, I agree it would be a big problem $XDG_SESSION_COOKIE was
> guessable. But they are not. Why do you think they are? Each cookie
> ends in a 32-bit random number, see
>
> http://cgit.freedesktop.org/ConsoleKit/tree/src/ck-manager.c?id=0.4.1#n299
>
> using g_random_int_range(). So if g_random_int_range() is a good and
> secure random function (and it is), what exactly is the problem? It's
> not like you can easily guess one.
Well, g_random_int_range() is based on a PRNG that is not
cryptographically secure (mersenne twister). That basically means by
collecting random values it generates you can calculcate what's coming
next. Login, write down the cookie, repeat that a couple of times, and
you know the cookie of the next one who will login.
If you want this safe, then use /dev/random or so, which includes better
entropy.
> If you are concerned that the time is included note that RFC-4122
> UUIDs also contain the time. It's not a big deal.
No, I simply concerned that the random values are guessable. And the
time is anyway, and hence the whole cookie is.
Lennart
--
Lennart Poettering - Red Hat, Inc.
More information about the dbus
mailing list