kernel-packages team mailing list archive

Thread
Date

[Bug 1397652] Re: /dev/random and /dev/urandom world writeable

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Lars Noodén <lars.nooden@xxxxxxxxx>
Date: Sun, 30 Nov 2014 14:12:33 -0000
Reply-to: Bug 1397652 <1397652@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Thanks.  It is probably my lack of understanding.  The manual page for
random(4) uses 644 for both and show writing to urandom to set the
random seed.  But if writing to the devices by non-root users does not
reduce the entropy then the original aspect of the bug is invalid,
though maybe the man page could use a few words of clarification.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1397652

Title:
  /dev/random and /dev/urandom world writeable

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  It looks like in 14.04.1 that /dev/random and /dev/urandom are world-
  writeable.  This occurs in at least 14.04.1 Desktop for AMD64 and
  Server for i386

  $ ls -l /dev/*random 
  crw-rw-rw- 1 root root 1, 8 Nov 25 10:44 /dev/random
  crw-rw-rw- 1 root root 1, 9 Nov 25 10:44 /dev/urandom

  As far as I know, they should be 664 or 644.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: base-files 7.2ubuntu5.1
  ProcVersionSignature: Ubuntu 3.13.0-40.69-generic 3.13.11.10
  Uname: Linux 3.13.0-40-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3.5
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Sun Nov 30 12:06:43 2014
  Dependencies:
   
  InstallationDate: Installed on 2014-10-26 (34 days ago)
  InstallationMedia: Ubuntu 14.04.1 LTS "Trusty Tahr" - Release amd64 (20140722.2)
  SourcePackage: base-files
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1397652/+subscriptions