git.ipfire.org Git - thirdparty/tor.git/commit
Get Libevent's PRNG functioning under the linux sandbox
author: Nick Mathewson <nickm@torproject.org>
Wed, 16 Apr 2014 18:54:39 +0000 (14:54 -0400)
committer: Nick Mathewson <nickm@torproject.org>
Thu, 17 Apr 2014 02:03:09 +0000 (22:03 -0400)
commit: e6785ee16dce675aa770616bcdbd128d5dfb1132
tree: 3f5c1b6d827946b36c1aaff010265e9dec432d4f
parent: 156eefca454e10440d1070f7500e1708589fc64b
Get Libevent's PRNG functioning under the linux sandbox

Libevent uses an arc4random implementation (I know, I know) to
generate DNS transaction IDs and capitalization.  But it liked to
initialize it either with opening /dev/urandom (which won't work
under the sandbox if it doesn't use the right pointer), or with
sysctl({CTL_KERN,KERN_RANDOM,RANDOM_UUIC}).  To make _that_ work, we
were permitting sysctl unconditionally.  That's not such a great
idea.

Instead, we try to initialize the libevent PRNG _before_ installing
the sandbox, and make sysctl always fail with EPERM under the
sandbox.
configure.ac
src/common/compat_libevent.c
src/common/compat_libevent.h
src/common/sandbox.c
src/or/main.c
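
The ordering the commit message describes (seed the PRNG first, then install a filter under which sysctl fails with EPERM) can be sketched with a raw seccomp-BPF filter. This is an added example, not code from this commit or from Tor. It assumes Linux on x86_64; `seed_prng`, `install_sandbox`, `sandboxed_sysctl_errno` and the `DENY` macro are hypothetical names, and the filter is a simplified denylist that also refuses `open`/`openat` outright, to show why seeding has to happen before the sandbox goes in.

```c
/* Added example, not Tor's code. Assumes Linux on x86_64. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
static unsigned char seed[32];  /* stand-in for the library's PRNG state */
#define DENY(nr) BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (nr), 0, 1), BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM)

static int seed_prng(void) {    /* hypothetical helper: needs open() to work */
  int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
  ssize_t n = fd < 0 ? -1 : read(fd, seed, sizeof seed);
  if (fd >= 0) close(fd);
  return n == (ssize_t)sizeof seed ? 0 : -1;
}
static int install_sandbox(void) {  /* simplified denylist, for illustration only */
  struct sock_filter f[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, AUDIT_ARCH_X86_64, 1, 0),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),       /* foreign ABI: kill */
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    DENY(SYS__sysctl), DENY(SYS_open), DENY(SYS_openat),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
  };
  struct sock_fprog prog = { .len = sizeof f / sizeof f[0], .filter = f };
  if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) return -1;
  return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}
/* Runs in a child so the caller stays unfiltered. Returns the errno _sysctl
   gets under the filter, -1 on setup failure, -2 if late seeding still worked. */
int sandboxed_sysctl_errno(void) {
  int st;
  pid_t pid = fork();
  if (pid < 0) return -1;
  if (pid == 0) {
    if (seed_prng() || install_sandbox()) _exit(255);  /* seed BEFORE the filter */
    if (seed_prng() == 0) _exit(254);                  /* after it, open() is denied */
    errno = 0;
    syscall(SYS__sysctl, NULL);                        /* filter answers, not the kernel */
    _exit(errno);
  }
  if (waitpid(pid, &st, 0) < 0 || !WIFEXITED(st) || WEXITSTATUS(st) == 255) return -1;
  return WEXITSTATUS(st) == 254 ? -2 : WEXITSTATUS(st);
}

int main(void) { return sandboxed_sysctl_errno() == EPERM ? 0 : 1; }
```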