Re: Is writing to /dev/ramdom a security flaw (vserver project)

David Wagner (daw@mozart.cs.berkeley.edu)
20 Oct 2001 00:26:45 GMT


Jacques Gelinas wrote:
>Is this a security issue if an administrator of a vserver is allowed to write
>in /dev/random ?

If you're talking about write(2), it should be safe, since the entropy
count is not affected. If you're talking about doing an ioctl(2) on
/dev/random, this is risky (since root can modify the entropy counter),
but it looks like all those code paths are protected by a capability
check, so my guess is that you're probably ok this, too.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/