size requirements and keeping entropy in the talloc_magic
abartlet at samba.org
Thu Oct 22 19:54:32 UTC 2020
On Thu, 2020-10-22 at 12:02 -0500, Arran Cudbard-Bell via samba-
> Is there any real issue with only having 24bits of magic if 32bit
> size fields were implemented?
Our talloc magic provides some important security properties, which are
decreased by half for every bit lost.
That is, we have in the past had attacks on our talloc
destructor functionality by forging a talloc header. I changed our
talloc header to be a per-exec random number for this reason, to make
it much harder to forge a talloc chunk.
If we reduce that too much, we lose the protection.
Everything is a trade off naturally, I just want to be clear what the
reasoning here is for keeping it as long as possible.
Andrew Bartlett https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Developer, Catalyst IT
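
Added example, not part of the original message and not talloc's own code: a toy C model of the check described above, where a chunk header carries a per-exec random magic that is validated before the destructor pointer is used. The struct layout and the names magic_init, hdr_stamp, checked_destroy, forge_success_odds and count_destructor are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy model for illustration; NOT talloc's real header layout or code. */
struct chunk_hdr {
    uint32_t magic;               /* per-exec random value, truncated to N bits */
    int (*destructor)(void *ptr); /* run on free: why a forged header matters */
};
struct chunk { struct chunk_hdr hdr; unsigned char body[16]; };

static uint32_t magic_mask, exec_magic;
static int destructor_calls;

/* Hypothetical helper: fix the per-exec magic once, keeping only `bits` bits. */
void magic_init(unsigned bits, uint32_t random_value) {
    magic_mask = bits >= 32 ? 0xFFFFFFFFu : (1u << bits) - 1u;
    exec_magic = random_value & magic_mask;
}
void hdr_stamp(struct chunk_hdr *h, int (*destructor)(void *)) {
    h->magic = exec_magic;
    h->destructor = destructor;
}
/* Validate the header behind `ptr` BEFORE touching its function pointer.
 * Returns 0 if the destructor ran, -1 if the magic was wrong (a real
 * allocator would abort the process here rather than return). */
int checked_destroy(void *ptr) {
    struct chunk_hdr *h =
        (struct chunk_hdr *)((unsigned char *)ptr - offsetof(struct chunk, body));
    if ((h->magic & magic_mask) != exec_magic) return -1;
    return h->destructor ? h->destructor(ptr) : 0;
}
/* Chance that one blind guess matches: 2^-bits, so it doubles per bit lost. */
double forge_success_odds(unsigned bits) { return 1.0 / (double)(1ULL << bits); }
int count_destructor(void *ptr) { (void)ptr; destructor_calls++; return 0; }

int main(void) {
    uint32_t r = 0;
    FILE *f = fopen("/dev/urandom", "rb"); /* per-exec randomness */
    if (!f || fread(&r, sizeof r, 1, f) != 1) return 1;
    fclose(f);
    struct chunk c;
    magic_init(24, r);
    hdr_stamp(&c.hdr, count_destructor);
    printf("valid=%d ", checked_destroy(c.body));
    c.hdr.magic ^= 1u; /* constructed mismatch: one wrong bit */
    printf("bad=%d odds=%g\n", checked_destroy(c.body), forge_success_odds(24));
    return 0;
}
```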