[Bug 1397652] Re: /dev/random and /dev/urandom world writeable
** Changed in: makedev (Debian)
   Status: Unknown => Fix Released

--
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1397652

Title:
  /dev/random and /dev/urandom world writeable

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1397652/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1397652] Re: /dev/random and /dev/urandom world writeable
FWIW, Debian #81748 explains why it's safe to have world-writable /dev/{u,}random devices.

** Bug watch added: Debian Bug tracker #81748
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=81748

** Also affects: makedev (Debian) via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=81748
   Importance: Unknown
   Status: Unknown
[Bug 1397652] Re: /dev/random and /dev/urandom world writeable
This bug was fixed in the package manpages - 4.02-0ubuntu1

---
manpages (4.02-0ubuntu1) xenial; urgency=medium

  * New upstream version, including those changes:
    - random.4: Fix permissions shown for the devices (lp: #1397652)
    - resolv.conf.5: Document RES_SNGLKUPREOP (lp: #1110781)
    - proc.5: Document /proc/PID/status VmPin field (lp: #1071746)
  * debian/rules:
    - don't ship attr manpage to avoid conflict with that package

 -- Sebastien Bacher  Wed, 04 Nov 2015 16:05:28 +0100

** Changed in: manpages (Ubuntu)
   Status: Fix Committed => Fix Released
[Bug 1397652] Re: /dev/random and /dev/urandom world writeable
Fixed in next release: manpages 3.82
[Bug 1397652] Re: /dev/random and /dev/urandom world writeable
http://git.kernel.org/cgit/docs/man-pages/man-pages.git/commit/?id=6f67e3e

** Changed in: manpages (Ubuntu)
   Status: Confirmed => Fix Committed
[Bug 1397652] Re: /dev/random and /dev/urandom world writeable
Nice, thanks Michael!

** Changed in: linux (Ubuntu)
   Status: Incomplete => Invalid
[Bug 1397652] Re: /dev/random and /dev/urandom world writeable
Upstream man-pages maintainer here. This seems to me a man-pages problem, and I've changed the relevant text in the man page to:

    mknod -m 666 /dev/random c 1 8
    mknod -m 666 /dev/urandom c 1 9
    chown root:root /dev/random /dev/urandom
[Bug 1397652] Re: /dev/random and /dev/urandom world writeable
The man page is a bit confusing as said previously. Even though the configuration section speaks about setting permissions to 644, the following can be found from the description section:

    Writing to /dev/random or /dev/urandom will update the entropy pool with the data written, but this will not result in a higher entropy count. This means that it will impact the contents read from both files, but it will not make reads from /dev/random faster.
[Bug 1397652] Re: /dev/random and /dev/urandom world writeable
Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: manpages (Ubuntu)
   Status: New => Confirmed
[Bug 1397652] Re: /dev/random and /dev/urandom world writeable
Yeah, indeed. https://en.wikipedia.org/wiki//dev/random also describes this aspect in more detail (but of course it's not a reference to rely on). Unfortunately the FHS (http://www.pathname.com/fhs/pub/fhs-2.3.html#DEVDEVICEFILES) makes no statement about this at all.

I added a manpages task for possibly updating the manpage if the kernel defaults are deliberate.

** Also affects: manpages (Ubuntu)
   Importance: Undecided
   Status: New

** Changed in: linux (Ubuntu)
   Importance: Undecided => Low

** Changed in: manpages (Ubuntu)
   Importance: Undecided => Low
[Bug 1397652] Re: /dev/random and /dev/urandom world writeable
Thanks. It is probably my lack of understanding. The manual page for random(4) uses 644 for both and shows writing to urandom to set the random seed. But if writing to the devices by non-root users does not reduce the entropy then the original aspect of the bug is invalid, though maybe the man page could use a few words of clarification.
[Bug 1397652] Re: /dev/random and /dev/urandom world writeable
udev doesn't change permissions on these devices, that's a kernel default (devtmpfs). However, why is that bad? As far as I know, the devices are writable for non-root users so that you can have userspace daemons like haveged for additional entropy data (but not increase it -- that's a separate ioctl(RNDADDENTROPY) which is limited to root, so that users can't make entropy any worse). So I think this is by design, but I keep this open in case you see an actual issue here? Thanks!

** Package changed: udev (Ubuntu) => linux (Ubuntu)

** Changed in: linux (Ubuntu)
   Status: New => Incomplete

** Tags added: bot-stop-nagging
[Bug 1397652] Re: /dev/random and /dev/urandom world writeable
** Package changed: base-files (Ubuntu) => udev (Ubuntu)