In article <9509210631.AA18308@sfi.santafe.edu>, Nelson Minar <nelson@santafe.edu> wrote:
Last time I looked, the MIT-MAGIC-COOKIE-1 scheme used in X11R4 had the same problem: the random seed was based on the current time to the microsecond, modulo the granularity of the system clock. I think I figured that on my hardware, if I could figure out which minute the X server started (easy with finger), I'd only have to try a few thousand keys or so. Caveat: I never actually proved the idea.
Wow. I just checked, and Nelson's right. The seed is this: #ifdef ITIMER_REAL { struct timeval now; X_GETTIMEOFDAY (&now); ldata[0] = now.tv_sec; ldata[1] = now.tv_usec; } #else { long time (); ldata[0] = time ((long *) 0); ldata[1] = getpid (); } #endif and if you don't have XDMAUTH defined, the auth value is this: seed = (ldata[0]) + (ldata[1] << 16); srand (seed); for (i = 0; i < len; i++) { value = rand (); auth[i] = value & 0xff; } Oh, well. We knew X didn't have much in the way of security, anyway... - Ian