Hi Greg,

On 2026-04-21T12:49:43+0200, Greg KH wrote:
> On Tue, Apr 21, 2026 at 06:13:44PM +0800, Kevin J. McCarthy wrote:
> > On Tue, Apr 21, 2026 at 09:40:37AM +0200, Werner Koch wrote:
> > > I see no attack here.  However, mutt_random_bytes is also used to
> > > construct message ids.  I would suggest to make them less predictable.
> > > But do not use new crypto algorithms for that.  All systems come with
> > > proper random number generators these days.  Something like
> > > 
> > >  /* Create an unpredictable nonce of LENGTH bytes in BUFFER. */
> > >  void gcry_create_nonce (void *buffer, size_t length);
> > > 
> > > if you anyway link to Libgcrypt, or use the respective functions from
> > > the other crypto libs.
> > 
> > Thank you Werner and Greg KH! (I'll just reply to you both here)
> > 
> > Something like gcry_create_nonce() sounds perfect.  Unfortunately we
> > don't link to Libgcrypt.
> > 
> > Perhaps, as Greg KH suggested we could try checking for getrandom(), and
> > then arc4random_buf(), and if both are missing I guess fall back to what
> > we have now?
> 
> I would recommend that.  I would hope that most modern systems have
> getrandom() by now.

        $ man -w getrandom \
        | xargs mansectf '(STANDARDS|HISTORY)' \
        | cat;
        getrandom(2)                  System Calls Manual                  getrandom(2)

        STANDARDS
             Linux.

        HISTORY
             Linux 3.17, glibc 2.25.

        Linux man‐pages 6.17‐68‐g7178f0e1  2026‐02‐08                      getrandom(2)

glibc 2.25 is from 2017.  And musl added it in
e2065820 (2018-02-22; "add getrandom syscall wrapper"), which was first
released in v1.1.20 (2018-09-04).

I'd say yes; most modern Linux systems have it.

BTW, getentropy(3) --which itself calls getrandom(2)-- was added to both
glibc and musl in the same versions as getrandom(2).  Should we prefer
getentropy(3) or getrandom(2)?  getentropy(3) seems to have been
standardized by POSIX.1-2024 --which I'll document in the manual page
right now--.

And for completeness, here's arc4random(3):

        $ man -w arc4random_buf \
        | xargs mansectf '(STANDARDS|HISTORY)' \
        | cat;
        arc4random(3)               Library Functions Manual              arc4random(3)

        STANDARDS
             BSD.

        HISTORY
             OpenBSD 2.1, FreeBSD 3.0, NetBSD 1.6, DragonFly 1.0, libbsd, glibc 2.36.

        Linux man‐pages 6.17‐68‐g7178f0e1  2025‐06‐28                     arc4random(3)


Have a lovely day!
Alex

-- 
<https://www.alejandro-colomar.es>
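Worked example, added here by the editor; it is not code from mutt or from anyone on this thread. It implements the fallback chain Kevin and Greg describe (getrandom(2) first, then arc4random_buf(3)), with getentropy(3) slotted in between as the POSIX.1-2024 option Alex raises, and handles the per-API quirks a port has to get right: getrandom(2) can return short and EINTR, getentropy(3) refuses requests over 256 bytes, arc4random_buf(3) cannot fail. The HAVE_* macros, the platform sniffing that sets them, and the function names fill_random_bytes, make_nonce_hex and random_selftest are this example's own assumptions (a real build would get the HAVE_* values from configure); modern versions of each OS are assumed, and the host in the printed Message-ID is constructed.

```c
#define _GNU_SOURCE 1
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hand-rolled feature detection (assumption: stands in for a configure
 * check; the HAVE_* names are this example's own, not mutt's). */
#if defined(__linux__) || defined(__FreeBSD__) || defined(__APPLE__)
#  include <sys/random.h>
#endif
#if defined(__linux__) || defined(__FreeBSD__)
#  define HAVE_GETRANDOM 1
#endif
#if defined(__linux__) || defined(__FreeBSD__) || defined(__OpenBSD__) \
    || defined(__NetBSD__) || defined(__APPLE__)
#  define HAVE_GETENTROPY 1
#endif
#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(__NetBSD__) || defined(__APPLE__)
#  define HAVE_ARC4RANDOM_BUF 1
#elif defined(__GLIBC__)
#  if __GLIBC_PREREQ(2, 36)      /* arc4random_buf(3) arrived in glibc 2.36 */
#    define HAVE_ARC4RANDOM_BUF 1
#  endif
#endif

/* getrandom(2) may return fewer bytes than requested, and EINTR if a signal
 * arrives while the pool is still initialising: loop until the buffer is full. */
static int fill_getrandom(unsigned char *buf, size_t len)
{
#ifdef HAVE_GETRANDOM
    while (len > 0) {
        ssize_t n = getrandom(buf, len, 0);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            return -1;           /* e.g. ENOSYS on a kernel older than 3.17 */
        }
        buf += n;
        len -= (size_t) n;
    }
    return 0;
#else
    (void) buf; (void) len; errno = ENOSYS; return -1;
#endif
}

/* getentropy(3) is all-or-nothing but fails with EIO above 256 bytes,
 * so large buffers are filled in 256-byte chunks. */
static int fill_getentropy(unsigned char *buf, size_t len)
{
#ifdef HAVE_GETENTROPY
    while (len > 0) {
        size_t chunk = len > 256 ? 256 : len;
        if (getentropy(buf, chunk) != 0)
            return -1;
        buf += chunk;
        len -= chunk;
    }
    return 0;
#else
    (void) buf; (void) len; errno = ENOSYS; return -1;
#endif
}

/* arc4random_buf(3) has no length limit and cannot fail. */
static int fill_arc4random(unsigned char *buf, size_t len)
{
#ifdef HAVE_ARC4RANDOM_BUF
    arc4random_buf(buf, len);
    return 0;
#else
    (void) buf; (void) len; errno = ENOSYS; return -1;
#endif
}

/* Try the backends in order.  Returns 0 on success, -1 (errno set) when none
 * works; callers must treat -1 as fatal rather than fall back to a weak PRNG. */
int fill_random_bytes(unsigned char *buf, size_t len)
{
    if (fill_getrandom(buf, len) == 0)  return 0;
    if (fill_getentropy(buf, len) == 0) return 0;
    if (fill_arc4random(buf, len) == 0) return 0;
    return -1;
}

/* Lower-case hex of NBYTES random bytes (at most 64) into OUT; the sort of
 * token a Message-ID needs.  Returns -1 if OUT is too small or no backend works. */
int make_nonce_hex(char *out, size_t outsize, size_t nbytes)
{
    static const char digits[] = "0123456789abcdef";
    unsigned char raw[64];
    if (nbytes > sizeof raw || outsize < 2 * nbytes + 1)
        return -1;
    if (fill_random_bytes(raw, nbytes) != 0)
        return -1;
    for (size_t i = 0; i < nbytes; i++) {
        out[2 * i]     = digits[raw[i] >> 4];
        out[2 * i + 1] = digits[raw[i] & 0x0f];
    }
    out[2 * nbytes] = '\0';
    return 0;
}

/* Sanity check: a 1000-byte fill (forces the getentropy chunking) must
 * succeed, must not be all zero, and two fills must differ. */
int random_selftest(void)
{
    unsigned char a[1000] = {0}, b[1000] = {0};
    unsigned acc = 0;
    if (fill_random_bytes(a, sizeof a) != 0 || fill_random_bytes(b, sizeof b) != 0)
        return -1;
    for (size_t i = 0; i < sizeof a; i++)
        acc |= a[i];
    if (acc == 0 || memcmp(a, b, sizeof a) == 0)
        return -2;               /* backend is returning garbage */
    return 0;
}

int main(void)
{
    char nonce[33];
    if (random_selftest() != 0 || make_nonce_hex(nonce, sizeof nonce, 16) != 0) {
        perror("random bytes");
        return 1;
    }
    printf("<%s@example.invalid>\n", nonce);   /* constructed host name */
    return 0;
}
```

The order of the chain is the thread's (getrandom(2), then arc4random_buf(3)) with getentropy(3) inserted as the portable middle step; on a system that has all three, the choice is about portability and blocking behaviour, not output quality, since on glibc getentropy(3) is itself built on getrandom(2). What matters for the security point is that every branch fails closed: when nothing is available the caller gets -1, not a predictable fallback.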
