race condition on ~/.gnupg/random_seed when signing

Bug #780 reported by David Allouche
Affects: gnupg (Ubuntu)
Status: Invalid
Importance: Medium
Assigned to: Unassigned
Milestone: (none)

Bug Description

Desired behaviour: Signing should always fail or succeed in a deterministic manner, or provide a distinctive error message if a system failure (e.g. out of memory) occurred.

Observed behaviour: Once in a while, when doing many concurrent signing operations under heavy load, you can get an error looking like the following:

gpg: fatal: can't read `/home/importd/.gnupg/random_seed': No such file or directory
secmem usage: 1472/1472 bytes in 4/4 blocks of pool 1472/32768
signature command exited with non-0 status (2)

command: gpg --clearsign --no-default-keyring --keyring /<email address hidden> --secret-keyring /<email address hidden> --default-key <email address hidden>

Interpretation: the .gnupg/random_seed might be updated in an unsafe manner, leaving a race window where the file does not exist.

Security implications: None. Triggering the race requires write access to .gnupg. If an attacker has it, you have a way bigger problem.

Changed in gnupg:
status: New → Rejected
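
The update pattern that the report's interpretation suspects, next to an atomic replacement, as an added example that is not part of the original report and is not GnuPG's code. The function names and the stand-in `random_seed` file are constructed for illustration, and POSIX rename semantics are assumed.

```python
import os
import tempfile
import threading

def update_unsafe(path, data):
    """Hypothesised pattern: remove, then recreate. The path is briefly absent."""
    os.remove(path)
    with open(path, "wb") as f:
        f.write(data)

def update_atomic(path, data):
    """Write a temp file in the same directory, then rename it over the target."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path), prefix=".seed-")
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, path)  # atomic on POSIX: readers see the old or the new file
    except BaseException:
        os.unlink(tmp)
        raise

def count_missing_reads(update, rounds=500, readers=4):
    """Call `update` repeatedly while reader threads open the file.
    Returns how many reads failed with FileNotFoundError."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "random_seed")  # constructed stand-in, not a real seed
        with open(path, "wb") as f:
            f.write(os.urandom(600))
        misses, done = [0] * readers, threading.Event()

        def reader(i):
            while not done.is_set():
                try:
                    with open(path, "rb") as f:
                        f.read()
                except FileNotFoundError:
                    misses[i] += 1

        threads = [threading.Thread(target=reader, args=(i,)) for i in range(readers)]
        for t in threads:
            t.start()
        for _ in range(rounds):
            update(path, os.urandom(600))
        done.set()
        for t in threads:
            t.join()
        return sum(misses)
```

`count_missing_reads(update_atomic)` returns 0 on every run, while `count_missing_reads(update_unsafe)` can return a non-zero count that varies with scheduling and load, matching the "once in a while" symptom in the report.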