[ Off topic for OpenSSL... ] On 1/7/2019 8:06 AM, Jakob Bohm via openssl-users wrote: > A chroot with no other reason to open /dev/null should not contain that > file name, even on unix-like platforms (least privilege chroot design).
There's always a first reason :-) But also: /dev/null is part of the definition of UNIX <http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap10.html#tag_10_01>. Programs have every right to expect that it will be there. Yes, you can build a chroot environment that doesn't include it... but then you can't complain when programs don't work in your environment. You can also build an environment that doesn't include system libraries, and there are reasons to do so, but few programs will work in it. Looking at Solaris, about 15% of the programs in /usr/bin and 5% of the libraries in /usr/lib have a reference to /dev/null. -- Jordan Brown, Oracle Solaris
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
