Are macports builds prevented from accessing /dev/random?

Chris Jones jonesc at hep.phy.cam.ac.uk
Wed Jun 14 09:21:46 UTC 2017



On 14/06/17 00:20, Joshua Root wrote:
> On 2017-6-14 08:18 , Christopher Jones wrote:
>>
>> Had a look into this. The ROOT source never explicitly opens 
>> /dev/random in read/write mode. Only read only.
>>
>> However, it also uses a number of external library calls, like 
>> std::rand(), and my best bet is one of these is doing it. As writing 
>> to /dev/random is allowed, to update the entropy pool, I don’t think 
>> this in itself is an issue.
>>
>> So is it OK to add /dev/random to the allowed locations for the sandbox?
> 
> Yes, that would be fine.

So, should I submit an MR for this, or can you do it? If you want me 
to, where in base should I go looking for the allowed list?

Chris

> 
> I had a look at the xnu source by the way, and writing to /dev/random on 
> Darwin is indeed equivalent to writing to /dev/null; the kernel doesn't 
> use the written data in any way.
> 
> - Josh

