Verify that random calls are seeded and used appropriately
Verify that random calls are seeded and used appropriately
The Google Compute Platform randomization attack is a good reminder that we should examine PRNG use dhcp server and relay to ensure that we are using (pseudo-)randomness appropriately.
Please treat this ticket as:
a reminder to review PRNG use in your project to ensure that it is used properly
a request to report on the status of that review, so that users who search for this ticket can satisfy themselves that we have checked our usage and believe it to be reasonable
The Google Compute Platform randomization attack in dhclient publicly available here: https://github.com/irsl/gcp-dhcp-takeover-code-exec..
also: #197 (closed)