[PATCH 3/3] Use a stronger RNG for password salt

Chris Lumens <clumens@xxxxxxxxxx> · Thu, 4 Nov 2010 11:50:07 -0400

From: Miloslav TrmaÄ <mitr@xxxxxxxxxx>

Related:  rhbz#554874
---
 pyanaconda/booty/x86.py |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/pyanaconda/booty/x86.py b/pyanaconda/booty/x86.py
index 224e0bf..003901a 100644
--- a/pyanaconda/booty/x86.py
+++ b/pyanaconda/booty/x86.py
@@ -29,8 +29,9 @@ class x86BootloaderInfo(efiBootloaderInfo):
             saltLen = 16
 
             saltchars = string.letters + string.digits + './'
+            rnd = random.SystemRandom()
             for i in range(saltLen):
-                salt += random.choice(saltchars)
+                salt += rnd.choice(saltchars)
 
             self.password = crypt.crypt(val, salt)
             self.pure = val
-- 
1.7.1.1

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list






