Date: Sun, 27 Aug 2000 21:32:38 -0500
From: Adam Back <adam@cypherspace.org>
To: tytso@MIT.EDU
Cc: mark@grondar.za, current@FreeBSD.ORG, kris@FreeBSD.ORG, jeroen@vangelderen.org, yarrow@zeroknowledge.com
Subject: /dev/random device permissions (Re: yarrow & /dev/random)
Message-ID: <200008280232.VAA01008@cypherspace.org>
In-Reply-To: <200008272259.SAA02131@tsx-prime.MIT.EDU> (tytso@MIT.EDU)

Ted writes:

> A couple of comments here. It was always the intention that
> /dev/random be 0666, and in my implementation, writing to
> /dev/random mixed the input into the entropy pool *without* changing
> the entropy estimate.

I see. This is not clear. We recently set /dev/random to group
writeable for a server application so we could write into /dev/random
without being root. I'll change that to 0666.

I think the confusion may come from a misunderstanding about the
access control mechanism on the ioctls. (I tried 0666 just now and
called the ioctl to zero the pool as a user and it denies access based
on not being root -- so 0666 is in fact safe).

Everyone seems to be setting it to 0644. Default Linux Redhat,
Slackware, FreeBSD etc., etc. is 0644. This is wrong, and as a result
applications which really could benefit /dev/random by writing
(private keys, encrypted IVs, user passwords, etc.) aren't doing it.
These tricks can really help mitigate lack of input device entropy in
server environments.

Given the importance of this, we ought to draw this to the attention
of distribution maintainers and get it fixed. Bugtraq may be a good
way to get the word out?

The rest of Ted's comments about Yarrow and /dev/random design are
interesting -- next mail.

Adam

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
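
Added example, not part of the original message or of any kernel source: a small C probe that repeats the check described above as the calling user, reporting the device mode, whether a write is accepted, whether the entropy estimate moved across the write, and whether the pool-zeroing ioctl is refused. It assumes a Linux system with `<linux/random.h>`; the ioctl names come from that header, and the struct and function names are hypothetical.

```c
/* Added example (Linux assumed): probe a random device as the calling user. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <unistd.h>
#include <linux/random.h>   /* RNDGETENTCNT, RNDZAPENTCNT */

struct rnd_probe {          /* every field is -1 when it could not be tested */
    int mode;               /* permission bits of the device node */
    int world_write;        /* 1 if "other" may write (as with 0666) */
    int write_ok;           /* 1 if the write was accepted */
    int credit_delta;       /* entropy estimate after the write minus before */
    int zap_errno;          /* errno from RNDZAPENTCNT, 0 if it succeeded */
};

int mode_is_world_writable(mode_t m) { return (m & S_IWOTH) != 0; }

int probe_random(const char *path, struct rnd_probe *r)
{
    static const char sample[] = "constructed sample input, not a secret";
    struct stat st;
    int fd, before, after;

    memset(r, 0xff, sizeof *r);                 /* all fields = -1 */
    if (stat(path, &st) != 0) return -1;
    r->mode = st.st_mode & 07777;
    r->world_write = mode_is_world_writable(st.st_mode);
    if ((fd = open(path, O_WRONLY)) < 0) { r->write_ok = 0; return 0; }
    int have = ioctl(fd, RNDGETENTCNT, &before) == 0;
    r->write_ok = write(fd, sample, sizeof sample) == (ssize_t)sizeof sample;
    if (have && ioctl(fd, RNDGETENTCNT, &after) == 0)
        r->credit_delta = after - before;       /* other sources may also move it */
    if (geteuid() != 0)                         /* never zero the estimate as root */
        r->zap_errno = ioctl(fd, RNDZAPENTCNT) == 0 ? 0 : errno;
    close(fd);
    return 0;
}

int main(void)
{
    struct rnd_probe r;
    if (probe_random("/dev/random", &r) != 0) { perror("/dev/random"); return 1; }
    printf("mode %04o world-writable=%d write_ok=%d credit_delta=%d zap: %s\n",
           (unsigned)r.mode, r.world_write, r.write_ok, r.credit_delta,
           r.zap_errno < 0 ? "not tested" : r.zap_errno ? strerror(r.zap_errno) : "allowed");
    return 0;
}
```
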