<pre style='margin:0'>
Joshua Root (jmroot) pushed a commit to branch master
in repository macports-base.

</pre>
<p><a href="https://github.com/macports/macports-base/commit/c8c1565f42a60c2b9e85a204603a66052f444c43">https://github.com/macports/macports-base/commit/c8c1565f42a60c2b9e85a204603a66052f444c43</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'>     new c8c1565  Add /dev/{u,}random to sandbox whitelist
</span>c8c1565 is described below

<span style='display:block; white-space:pre;color:#808000;'>commit c8c1565f42a60c2b9e85a204603a66052f444c43
</span>Author: Joshua Root <jmr@macports.org>
AuthorDate: Wed Jun 14 22:49:54 2017 +1000

<span style='display:block; white-space:pre;color:#404040;'>    Add /dev/{u,}random to sandbox whitelist
</span><span style='display:block; white-space:pre;color:#404040;'>    
</span><span style='display:block; white-space:pre;color:#404040;'>    Writing to these is a noop on Darwin, but some code such as apparently
</span><span style='display:block; white-space:pre;color:#404040;'>    C++'s std::random_device wants to open them for reading and writing
</span><span style='display:block; white-space:pre;color:#404040;'>    anyway. There should be no harm in allowing this.
</span>---
 src/port1.0/portsandbox.tcl | 1 +
 1 file changed, 1 insertion(+)

<span style='display:block; white-space:pre;color:#808080;'>diff --git a/src/port1.0/portsandbox.tcl b/src/port1.0/portsandbox.tcl
</span><span style='display:block; white-space:pre;color:#808080;'>index 6d0c841..01de6b9 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/src/port1.0/portsandbox.tcl
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/src/port1.0/portsandbox.tcl
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -84,6 +84,7 @@ proc portsandbox::set_profile {target} {
</span> (allow file-write-data (literal \"/dev/null\") (literal \"/dev/zero\") \
 (literal \"/dev/dtracehelper\") (literal \"/dev/tty\") \
 (literal \"/dev/stdin\") (literal \"/dev/stdout\") (literal \"/dev/stderr\") \
<span style='display:block; white-space:pre;background:#e0ffe0;'>+(literal \"/dev/random\") (literal \"/dev/urandom\") \
</span> (regex #\"^/dev/fd/\")) (allow file-write* \
 (regex #\"^(/private)?(/var)?/tmp/\" #\"^(/private)?/var/folders/\"))"
 
</pre><pre style='margin:0'>

</pre>