authorlloyd <[email protected]>2009-07-25 12:23:14 +0000
committerlloyd <[email protected]>2009-07-25 12:23:14 +0000
commitc9f92c0c07634c3a2aa73a8f3d3660ba39d76fde (patch)
tree68783b8fa53c3c89360f7fd430e19d9c71748680 /src/entropy
parent26fa799af0d362a37a80e1c666e738d3674fc25e (diff)
Two changes to proc_walk:
Don't read any file that is not world-readable. This avoids trouble when running as root, since on Linux various special files can cause odd interactions and/or blocking behavior when read (for instance /proc/kmsg). The assumption is that no such files are world-readable. This also avoids any issue of reading data that is potentially sensitive. Instead of reading the first 1 KB of each file, only read the first 128 bytes. This prevents large files (like /proc/config.gz or /proc/kallsyms) from swamping the input buffer; these inputs are pretty static and shouldn't count for much. Reducing to 128 bytes causes a poll to read about 400 different files, rather than ~30.
Diffstat (limited to 'src/entropy')
-rw-r--r--src/entropy/proc_walk/es_ftw.cpp4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/entropy/proc_walk/es_ftw.cpp b/src/entropy/proc_walk/es_ftw.cpp
index fe9dfec38..2016f099a 100644
--- a/src/entropy/proc_walk/es_ftw.cpp
+++ b/src/entropy/proc_walk/es_ftw.cpp
@@ -81,7 +81,7 @@ int Directory_Walker::next_fd()
if(S_ISDIR(stat_buf.st_mode))
add_directory(full_path);
- else if(S_ISREG(stat_buf.st_mode))
+ else if(S_ISREG(stat_buf.st_mode) && (stat_buf.st_mode & S_IROTH))
{
int fd = ::open(full_path.c_str(), O_RDONLY | O_NOCTTY);
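Review bot: The new `S_IROTH` test runs on `stat_buf`, which is filled before this hunk, and the file is then opened by path, so the entry that gets opened is not guaranteed to be the one that was checked. When the walker runs as root over a tree where other users can rename or replace entries, the mode test should be repeated on the descriptor with `fstat`, and `O_NONBLOCK` on the open keeps a swapped-in FIFO from blocking the poll. The sketch below assumes the code after the open, which is outside the hunk, treats a negative fd as "skip this entry". A world-readable bit on the file also says nothing about its parent directories, so the "not sensitive" assumption deserves a comment at this test.

```cpp
else if(S_ISREG(stat_buf.st_mode) && (stat_buf.st_mode & S_IROTH))
   {
   int fd = ::open(full_path.c_str(), O_RDONLY | O_NOCTTY | O_NONBLOCK);

   // Re-check on the descriptor: the path may have changed since the stat above
   struct stat fd_stat;
   if(fd >= 0 &&
      (::fstat(fd, &fd_stat) != 0 ||
       !S_ISREG(fd_stat.st_mode) || !(fd_stat.st_mode & S_IROTH)))
      {
      ::close(fd);
      fd = -1;
      }
   // … unchanged: existing handling of fd …
```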
@@ -118,7 +118,7 @@ void FTW_EntropySource::poll(Entropy_Accumulator& accum)
if(!dir)
dir = new Directory_Walker(path);
- MemoryRegion<byte>& io_buffer = accum.get_io_buffer(2048);
+ MemoryRegion<byte>& io_buffer = accum.get_io_buffer(128);
for(u32bit i = 0; i != MAX_FILES_READ_PER_POLL; ++i)
{
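Review bot: The literal in `accum.get_io_buffer(128)` carries the whole per-file read policy from the commit message but has no name or comment, while the loop bound just below it is the named `MAX_FILES_READ_PER_POLL`. A comment such as `// Read only a short prefix of each file so large, static files cannot swamp the buffer`, or a named constant beside `MAX_FILES_READ_PER_POLL`, would keep that reasoning with the code. The commit message speaks of 1 KB while the removed line requested 2048, so it is worth confirming which figure was meant. The loop body lies outside the hunk, so whether each read is bounded by the buffer's size cannot be checked from here.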