On Wed, Oct 17, 2001 at 04:45:09PM +0200, Russell Coker wrote: > Currently the permissions settings for these devices are uncertain. > > MAKEDEV makes /dev/urandom mode 444 and /dev/random either mode 444 or more > 666. > > For devfs I plan to make them both mode 644. From reading the latest kernel > source I see that writing to either of them gives the same result (so having > different write permissions for them makes no sense). The boot script > /etc/init.d/urandom from the sysvinit package writes to /dev/urandom so root > write access makes sense to me (sure root can write to it anyway but I think > that the permissions should reflect the usage for clarity). > > Also I suspect that if a malicious user ran "cat /dev/zero > /dev/random" > then they could poison the random number pool so I think that mode 644 is the > correct permissions for both devices. > > Let me know if you disagree. If there's no complaints then I'll file a bug > against makedev to make it do the same. http://bugs.debian.org/81748 -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpDtXdIJV6bt.pgp
Description: PGP signature