Are macports builds prevented from accessing /dev/random ?
Joshua Root
jmr at macports.org
Wed Jun 14 12:56:22 UTC 2017
On 2017-6-14 19:21 , Chris Jones wrote:
>
>
> On 14/06/17 00:20, Joshua Root wrote:
>> On 2017-6-14 08:18 , Christopher Jones wrote:
>>>
>>> Had a look into this. The ROOT source never explicitly opens
>>> /dev/random in read/write mode. Only read only.
>>>
>>> However, it also uses a number of external library calls, like
>>> std::rand(), and my best bet is one of these is doing it. As writing
>>> to /dev/random is allowed, to update the entropy pool, I don’t think
>>> this in itself is an issue.
>>>
>>> So is it OK to add /dev/random to the allowed locations for the
>>> sandbox ?
>>
>> Yes, that would be fine.
>
> So, should I submit an MR for this, or can you do it ? If you want me
> to, where in base should I go looking for the allowed list ?
<https://github.com/macports/macports-base/commit/c8c1565f42a60c2b9e85a204603a66052f444c43>
- Josh
More information about the macports-dev
mailing list