Are macports builds prevented from accessing /dev/random?

Joshua Root jmr at macports.org
Tue Jun 13 23:20:54 UTC 2017


On 2017-6-14 08:18 , Christopher Jones wrote:
> 
> Had a look into this. The ROOT source never explicitly opens /dev/random in read/write mode. Only read only.
> 
> However, it also uses a number of external library calls, like std::rand(), and my best bet is one of these is doing it. As writing to /dev/random is allowed, to update the entropy pool, I don’t think this in itself is an issue.
> 
> So is it OK to add /dev/random to the allowed locations for the sandbox?

Yes, that would be fine.

I had a look at the xnu source by the way, and writing to /dev/random on 
Darwin is indeed equivalent to writing to /dev/null; the kernel doesn't 
use the written data in any way.

- Josh

