[Box Backup] Win32 - No random device -- additional seeding of random number generator not performed.

Ben Summers boxbackup@fluffy.co.uk
Thu, 28 Oct 2004 16:29:25 +0100


On 28 Oct 2004, at 16:18, Mikael Syska wrote:

> Hey list,
>
> I get the following error when I try to exec the Win32 program...
> ----------------------------------------------------------------------- 
> ----------
> C:\Bbackup>bbackupd.exe bbackupd.conf
> No random device -- additional seeding of random number generator not  
> performed.
>
> Box Backup Client v0.08, (c) Ben Summers 2003, 2004
> ======================================================================= 
> =========
> ============
> SECURITY WARNING: This platform cannot check the credentials of  
> connections to t
> he
> command socket. This is a potential DoS security problem.
> Remove the CommandSocket directive from the bbackupd.conf file if  
> bbackupctl is
> not used.
> ======================================================================= 
> =========
> ============
>
> C:\Bbackup>
> ----------------------------------------------------------------------- 
> ----------
>
> Its the Cygwin package Adrian made....


These are warnings, not errors.

The random device one warns you that Windows does not provide a good  
source of random data, so the OpenSSL library is on it's own, and may  
not be properly seeded. (This may cause security problems with  
guessable seeds for encryption, but as long as the key and certificate  
files are properly made it's not such a big problem. But really not  
ideal.)

The second means that anyone can connect to the backup command socket  
and tell the daemon what to do.

The exe should running in the background.

Ben