On Thu, Feb 12, 2015 at 09:45:21PM +1100, Damien Miller wrote:
> On Wed, 11 Feb 2015, Dmitry V. Levin wrote:
> > On Wed, Feb 11, 2015 at 02:46:50PM -0300, Cristian Rodríguez wrote:
> > > *SSL libraries or the C library may/will require it.
> >
> > In what circumstances do they need it?
> > Do they need it with GRND_RANDOM bit set?
> >
> > Note that this system call is equivalent to opening (with subsequent
> > reading) of /dev/random and /dev/urandom, which is not allowed by this
> > seccomp filter.
>
> IMO they shouldn't need it - we take care to prime both the arc4random
> and libcrypto pools before sandboxing.

They definitely don't need it now as neither /dev/random nor /dev/urandom
is available in _PATH_PRIVSEP_CHROOT_DIR.

> I don't mind adding it though, and don't think it hurts.

Unlimited access to /dev/random could be used to cause system entropy
starvation, so please don't add it.

--
ldv
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev