Bdale Garbee wrote:
> What motivates your assertion that both random and urandom should be 0644?
> It seems to me that unless a user can completely control the initial state 
> of the entropy pool and ensure they are the only writer to the device, that 
> they cannot possibly control the generation of random numbers.  Other than
> that, more entropy is better entropy, right?  Am I missing something?

As mentioned in the bug log for this bug and for 332970 against udev, I
no longer assert this; see
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332983;msg=16>.  Bug
81748 contains an explanation from Ted Ts'o as to why the devices should
have world-writable (0666) permissions.  However, I noticed that both
udev and makedev had /dev/random 0666 but /dev/urandom 0644.  Both
devices have precisely the same write function in the kernel, and both
have the same harmless effect, so both should have the same permissions.
I thus retitled this report accordingly, and cloned it against makedev.
udev 0.070-4 already fixed this issue, but makedev still has:

                makedev random c 1 8 $public
                makedev urandom c 1 9 $readable

This should change to:

                makedev random c 1 8 $public
                makedev urandom c 1 9 $public

- Josh Triplett
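
Added example, not part of the original message and not code from makedev or udev: a shell check that a MAKEDEV-style fragment gives the `c 1 8` and `c 1 9` entries the same permission class. It assumes entries of the form `makedev NAME c MAJOR MINOR $CLASS`, as in the two fragments quoted above; the function name `check_random_perms` is hypothetical.

```shell
# Added example (not from makedev): verify that random (c 1 8) and
# urandom (c 1 9) are assigned the same permission class.
# Assumption: entries look like "makedev NAME c MAJOR MINOR $CLASS".
# Exit status: 0 = same class, 1 = mismatch, 2 = an entry is missing.
check_random_perms() {
    awk '
        $1 == "makedev" && $3 == "c" && $4 == 1 && ($5 == 8 || $5 == 9) {
            perm[$5] = $6   # permission class, e.g. $public
            name[$5] = $2   # device name, e.g. random
        }
        END {
            if (!(8 in perm) || !(9 in perm)) {
                print "incomplete: need both c 1 8 and c 1 9 entries"
                exit 2
            }
            if (perm[8] != perm[9]) {
                printf "mismatch: %s=%s %s=%s\n", name[8], perm[8], name[9], perm[9]
                exit 1
            }
            printf "ok: %s and %s both use %s\n", name[8], name[9], perm[8]
        }
    ' "$@"
}

# The two fragments quoted in the message: what makedev has now,
# and the proposed change.
current='makedev random c 1 8 $public
makedev urandom c 1 9 $readable'
proposed='makedev random c 1 8 $public
makedev urandom c 1 9 $public'

printf '%s\n' "$current"  | check_random_perms || true
printf '%s\n' "$proposed" | check_random_perms
```

The function also accepts file names as arguments, so it can be pointed at a local copy of a MAKEDEV script instead of reading standard input.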
