[Bug 1651947] Re: installer ought to install a proper random-seed

John Denker lp at av8n.com
Fri Dec 23 19:03:21 UTC 2016 

I see the importance is still "undecided".  Here is something that may
help:

Message from Rich Salz, 12/22/2016 10:06 AM:
> Feel free to quote me:
>       This is very important.
[...]
>  Rich Salz
>    Senior Architect, Akamai Technologies
>    Member, OpenSSL Dev Team

High-quality randomly-distributed numbers are needed for every aspect of computer
security, including long-term keys, session keys, nonces, initialization vectors,
ASLR, et cetera.

Newly-installed systems need randomness just as much as other systems.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to livecd-rootfs in Ubuntu.
https://bugs.launchpad.net/bugs/1651947

Title:
  installer ought to install a proper random-seed

Status in livecd-rootfs package in Ubuntu:
  New
Status in ubiquity package in Ubuntu:
  New

Bug description:
  Observed behavior:  The Ubuntu "Live CD" installer creates
  a file on the installee (i.e. target) filesystem called
     /var/lib/systemd/random-seed
  but alas it has zero length.

  Desired behavior:  The installer should copy 512 bytes from
  the installer's /dev/urandom into the installee's 
     /var/lib/systemd/random-seed

  Discussion:  The newly installed system relies on that file
  to initialize its random number generator.  It might have
  other ways of initializing, or it might not.  An improperly
  initialized RNG creates grave security problems.

  There is no imaginable downside to doing this.

  Remark:  The Debian installer handles this better.  It gives the
  installee a nice
     /var/lib/urandom/random-seed
  file with 512 bytes of random content.  It does not bother with
     /var/lib/systemd/random-seed
  at all.

  The Ubuntu installer, in contrast, creates a directory
     /var/lib/urandom
  with no contents, i.e. no files at all.  Perhaps this is vestigial.
  Suggestion: The Ubuntu installer should:
    a) not create that directory at all, or
    b) create /var/lib/urandom/random-seed as a symlink to
           ../systemd/random-seed, or
    c) put the actual data in /var/lib/urandom/random-seed -- 
     which is the traditional and compatible place for it -- and
     teach the systemd scripts to find it there.

  Disclaimer:  As a separate matter, it is important to ensure
  that the installer system itself has a properly initialized RNG.
  There are ways of doing so, but that is a topic for another day.
  For present purposes, the point is only that the installer should
  not make things worse.  It should use whatever randomness it has
  to initialize the installee system.

  --------------------------------

  Observed on a Live CD system:
  :; lsb_release -rd
  Description:    Ubuntu 16.04.1 LTS
  Release:        16.04

  The package is: 
  :; apt-cache policy ubiquity
  ubiquity:
    Installed: 2.21.63.2
    Candidate: 2.21.63.2
    Version table:
   *** 2.21.63.2 500
          500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
          100 /var/lib/dpkg/status
       2.21.63 500
          500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/1651947/+subscriptions

More information about the foundations-bugs mailing list