Are macports builds prevented from accessing /dev/random ?

Joshua Root jmr at
Tue Jun 13 21:42:57 UTC 2017

On 2017-6-14 07:05 , Daniel J. Luke wrote:
> On Jun 13, 2017, at 4:57 PM, Christopher Jones <jonesc at> wrote:
>> :info:build open('/dev/random'): Operation not permitted
>> Now, this works outside. So I suspect the build is in some way prevent the build process from accessing this. Is this possible ? If so, more to the point, is there a way I can get this to work… ?
> I suspect the sandbox doesn't include access to /dev/random (Macports started using sandbox-exec with version 2.2.0)
> As a temporary workaround (or to test this theory) you can add "sandbox_enable no" to your macports.conf

Our sandbox only restricts writes. Seems like the program is opening 
/dev/random with O_RDWR? Writing to it is technically allowed (though I 
don't know that it does anything on darwin), so we should probably add 
it to the sandbox exceptions, but I'm not sure why it would be needed.

- Josh

More information about the macports-dev mailing list