[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
XDM has the same problem as netscape ?!
In article <[email protected]>,
Nelson Minar <[email protected]> wrote:
>Last time I looked, the MIT-MAGIC-COOKIE-1 scheme used in X11R4 had
>the same problem: the random seed was based on the current time to the
>microsecond, modulo the granularity of the system clock. I think I
>figured that on my hardware, if I could figure out which minute the X
>server started (easy with finger), I'd only have to try a few
>thousand keys or so. Caveat: I never actually proved the idea.
Wow. I just checked, and Nelson's right.
The seed is this:
#ifdef ITIMER_REAL
{
struct timeval now;
X_GETTIMEOFDAY (&now);
ldata[0] = now.tv_sec;
ldata[1] = now.tv_usec;
}
#else
{
long time ();
ldata[0] = time ((long *) 0);
ldata[1] = getpid ();
}
#endif
and if you don't have XDMAUTH defined, the auth value is this:
seed = (ldata[0]) + (ldata[1] << 16);
srand (seed);
for (i = 0; i < len; i++)
{
value = rand ();
auth[i] = value & 0xff;
}
Oh, well. We knew X didn't have much in the way of security, anyway...
- Ian