Re: [PATCH] seccomp: allow the getrandom system call.

On Thu, Feb 12, 2015 at 09:45:21PM +1100, Damien Miller wrote:
> On Wed, 11 Feb 2015, Dmitry V. Levin wrote:
> > On Wed, Feb 11, 2015 at 02:46:50PM -0300, Cristian Rodríguez wrote:
> > > *SSL libraries or the C library may/will require it.
> > 
> > In what circumstances do they need it?
> > Do they need it with GRND_RANDOM bit set?
> > 
> > Note that this system call is equivalent to opening (with subsequent
> > reading) of /dev/random and /dev/urandom, which is not allowed by this
> > seccomp filter.
> 
> IMO they shouldn't need it - we take care to prime both the arc4random
> and libcrypto pools before sandboxing.

They definitely don't need it now as neither /dev/random nor /dev/urandom
is available in _PATH_PRIVSEP_CHROOT_DIR.

> I don't mind adding it though, and don't think it hurts.

Unlimited access to /dev/random could be used to cause system entropy
starvation, so please don't add it.


-- 
ldv


_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
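
Added example, not part of the original message and not OpenSSH code: seccomp-bpf can inspect the flags argument, so a filter can permit getrandom(2) only when the GRND_RANDOM bit discussed above is clear. The names demo_filter, DEMO_ARCH and getrandom_under_filter are made up for this demo, which assumes a little-endian x86_64 or aarch64 Linux host and, unlike a deny-by-default sandbox, allows every other syscall so the child can run.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/prctl.h>
#include <sys/random.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#if defined(__x86_64__)
#define DEMO_ARCH AUDIT_ARCH_X86_64
#else
#define DEMO_ARCH AUDIT_ARCH_AARCH64 /* assumption: the only other host arch */
#endif
/* Constructed demo filter. Default is ALLOW so the child can run; a real sandbox
 * denies by default. The 32-bit flags are the low word of args[2] (little-endian). */
static struct sock_filter demo_filter[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, DEMO_ARCH, 1, 0),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),  /* foreign ABI */
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_getrandom, 1, 0),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),         /* not getrandom */
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, args[2])),
    BPF_JUMP(BPF_JMP | BPF_JSET | BPF_K, GRND_RANDOM, 0, 1),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM), /* GRND_RANDOM set */
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),         /* urandom-style call */
};

/* Calls getrandom(flags) in a filtered child: 0 if it succeeded, else its errno
 * (255 if the filter could not be installed, -1 if the child died abnormally). */
int getrandom_under_filter(unsigned int flags)
{
    int st;
    pid_t pid = fork();
    if (pid == 0) {
        struct sock_fprog fp = { .len = (unsigned short)(sizeof(demo_filter) / sizeof(demo_filter[0])), .filter = demo_filter };
        unsigned char buf[8];
        if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
            prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fp))
            _exit(255);
        /* GRND_NONBLOCK keeps the demo from ever blocking. */
        _exit(syscall(SYS_getrandom, buf, sizeof(buf), flags | GRND_NONBLOCK) < 0 ? errno : 0);
    }
    if (pid < 0 || waitpid(pid, &st, 0) < 0 || !WIFEXITED(st)) return -1;
    return WEXITSTATUS(st);
}
int main(void) { return getrandom_under_filter(GRND_RANDOM) == EPERM ? 0 : 1; }
```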
