A crypto (secure voice) app I am testing fails to start - it is trying to read
/dev/random:
<5>[ 2951.029571] type=1400 audit(1359410942.187:32): avc: denied { read } for
pid=2435 comm=4173796E635461736B202331 name="random" dev=tmpfs ino=4012
scontext=u:r:untrusted_app:s0:c50,c256 tcontext=u:object_r:random_device:s0
tclass=chr_file
Would it be reasonable to add an "allow domain random_device:chr_file
r_file_perms;" rule to allow all apps to read /dev/random?
I think the main threat is that a malicious app could potentially keep reading
from /dev/random and use up the entropy pool (preventing others from reading
/dev/random).
Some might say the app should use /dev/urandom instead. At which time others
would probably then complain that /dev/urandom is "not good enough". Not sure
that I personally want to take sides on /dev/random vs. /dev/urandom. :)
--
Michael Peck
The MITRE Corporation
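
An added example, not part of the original message: a small Python parser for the denial quoted above. It decodes the hex-encoded comm field and builds the narrowest allow rule that matches the denial (the untrusted_app source type and the read permission only), for comparison with the domain-wide rule proposed in the message. The function names are hypothetical.

```python
import re

# The denial quoted in the message above, joined onto one line.
SAMPLE_DENIAL = (
    '<5>[ 2951.029571] type=1400 audit(1359410942.187:32): avc: denied { read } for '
    'pid=2435 comm=4173796E635461736B202331 name="random" dev=tmpfs ino=4012 '
    'scontext=u:r:untrusted_app:s0:c50,c256 tcontext=u:object_r:random_device:s0 '
    'tclass=chr_file'
)

AVC_RE = re.compile(r'avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<fields>.*)')


def decode_comm(value):
    """Quoted values are literal; the audit code hex-encodes values that
    contain spaces, quotes or non-printable bytes and logs them unquoted."""
    if value.startswith('"'):
        return value.strip('"')
    try:
        return bytes.fromhex(value).decode('utf-8', errors='replace')
    except ValueError:
        return value  # unquoted but not hex: keep as logged


def parse_avc(line):
    """Return the fields of one AVC denial as a dict, or None if no match."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = dict(kv.split('=', 1) for kv in m.group('fields').split() if '=' in kv)
    return {
        'perms': m.group('perms').split(),
        'comm': decode_comm(fields.get('comm', '')),
        'name': fields.get('name', '').strip('"'),
        # Contexts are user:role:type:level; the type is what policy rules name.
        'source_type': fields['scontext'].split(':')[2],
        'target_type': fields['tcontext'].split(':')[2],
        'tclass': fields['tclass'],
    }


def narrow_rule(d):
    """Allow rule limited to the denied source type and permissions."""
    perms = d['perms'][0] if len(d['perms']) == 1 else '{ ' + ' '.join(d['perms']) + ' }'
    return 'allow %s %s:%s %s;' % (d['source_type'], d['target_type'], d['tclass'], perms)


if __name__ == '__main__':
    denial = parse_avc(SAMPLE_DENIAL)
    print('comm:', denial['comm'])
    print(narrow_rule(denial))
```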