** Changed in: makedev (Debian)
Status: Unknown => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1397652
Title:
/dev/random and /dev/urandom world writeable
To manage notificati
FWIW, Debian #81748 explains why it's safe to have world-writable
/dev/{u,}random devices.
** Bug watch added: Debian Bug tracker #81748
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=81748
** Also affects: makedev (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=81748
Imp
This bug was fixed in the package manpages - 4.02-0ubuntu1
---
manpages (4.02-0ubuntu1) xenial; urgency=medium
* New upstream version, including those changes:
- random.4: Fix permissions shown for the devices (lp: #1397652)
- resolv.conf.5: Document RES_SNGLKUPREOP (lp: #11
Fixed in next release: manpages 3.82
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1397652
Title:
/dev/random and /dev/urandom world writeable
To manage notifications about this bug go to:
https://
http://git.kernel.org/cgit/docs/man-pages/man-
pages.git/commit/?id=6f67e3e
** Changed in: manpages (Ubuntu)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/139
Nice, thanks Michael!
** Changed in: linux (Ubuntu)
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1397652
Title:
/dev/random and /dev/urandom world writeable
T
Upstream man-pages maintainer here. This seems to me a man-pages
problem, and I've change the relevant text in the man page to:
mknod -m 666 /dev/random c 1 8
mknod -m 666 /dev/urandom c 1 9
chown root:root /dev/random /dev/urandom
--
You received this bug notifi
The man page is a bit confusing as said previously. Even though the
configuration section speaks about setting permissions to 644, the
following can be found from the description section:
Writing to /dev/random or /dev/urandom will update the entropy pool
with the data written, b
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: manpages (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1397652
Title:
/
Yeah, indeed. https://en.wikipedia.org/wiki//dev/random also describes
this aspect in more detail (but of course it's not a reference to rely
on). Unfortunately the FHS
(http://www.pathname.com/fhs/pub/fhs-2.3.html#DEVDEVICEFILES) makes no
statement about this at all.
I added a manpages tasks for
Thanks. It is probably my lack of understanding. The manual page for
random(4) uses 644 for both and show writing to urandom to set the
random seed. But if writing to the devices by non-root users does not
reduce the entropy then the original aspect of the bug is invalid,
though maybe the man pa
udev doesn't change permissions on these devices, that's a kernel
default (devtmpfs). However, why is that bad? As far as I know, the
devices are writable for non-root users so that you can have usespace
daemons like haveged for additional entropy data (but not increase it --
that's a separate ioct
** Package changed: base-files (Ubuntu) => udev (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1397652
Title:
/dev/random and /dev/urandom world writeable
To manage notifications about this
13 matches
Mail list logo