Debian Bug report logs - #81748
/dev/random should be world writeable

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Mike Touloumtzis <miket@bluemug.com>

To: submit@bugs.debian.org

Subject: /dev/random should be world writeable

Date: Tue, 9 Jan 2001 18:44:42 -0800

Package: makedev
Version: 2.3.1-50

According to Ted Ts'o (author of the random driver), the /dev/random
device should be world-writeable.  Writing to /dev/random mixes the
random data pool without increasing the entropy estimate, so it can
only do good.

Current permissions on my woody (testing) system are read-only:

mayotte:~# MAKEDEV -n random
create random   c 1 8 root:root 0444

Here is the relevant portion of the mail (to lkml) in which Ted
explains the rationale:

=========================================================================

No, writing to /dev/random does not feed update entropy estimate. It
does mix data into the pool, but the mixing algorithm is designed so
that you can do no harm by mixing any data into the pool --- even nasty
data chosen by an attacker. Hence, allowing someone to write into
/dev/random is perfectly safe; it can cause no damage, and might improve
things. That's why /dev/random should be world-writeable.

There is a separate ioctl which requires root privs to atomically mix
data into the pool and update the entropy estimate. That's the
interface which is supposed to be used by trusted daemons which pull
data from various hardware devices, and feed them into /dev/random.

Note that in this case, the trusted daemon is supposed to estimate the
amount of entropy which it is feeding into the system. That's because
the daemon may be able to use much more sophisticated entropy estimation
systems, including ones which may require large amounts of CPU time (for
example, to do FFT's, trial compression of the data, etc.).

                                        - Ted

=========================================================================

Here is a link to the complete message, in a hypermail archive of lkml:

http://www.uwsg.iu.edu/hypermail/linux/kernel/0012.2/0502.html

Message #10 received at 81748-close@bugs.debian.org (full text, mbox, reply):

From: Bdale Garbee <bdale@gag.com>

To: 81748-close@bugs.debian.org

Subject: Bug#81748: fixed in makedev 2.3.1-51

Date: Tue, 06 Feb 2001 15:03:44 -0500

We believe that the bug you reported is fixed in the latest version of
makedev, which has been installed in the Debian FTP archive:

makedev_2.3.1-51.diff.gz
  to pool/main/m/makedev/makedev_2.3.1-51.diff.gz
makedev_2.3.1-51_all.deb
  to pool/main/m/makedev/makedev_2.3.1-51_all.deb
makedev_2.3.1-51.dsc
  to pool/main/m/makedev/makedev_2.3.1-51.dsc
A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 81748@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bdale Garbee <bdale@gag.com> (supplier of updated makedev package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon,  5 Feb 2001 20:59:26 -0700
Source: makedev
Binary: makedev
Architecture: source all
Version: 2.3.1-51
Distribution: unstable
Urgency: low
Maintainer: Bdale Garbee <bdale@gag.com>
Changed-By: Bdale Garbee <bdale@gag.com>
Description: 
 makedev    - Creates special device files in /dev.
Closes: 59513 63458 63953 70648 70737 70961 78018 78127 78170 78200 78497 80828 80871 81326 81434 81748 82345 82720 83035
Changes: 
 makedev (2.3.1-51) unstable; urgency=low
 .
   * patch to reduce noise from % in /proc/devices from Daniel Jacobowitz,
     add a bail-out check at the top of the MAKEDEV script to exit before trying
     to do anything if devfs is mounted... since MAKEDEV and devfsd don't mix!
     closes: #78018, #78170, #78200, #81326, #81434
     closes: #59513, #63458, #63953, #70648, #70737, #70961, #78127, #78497
   * fix typo regarding ide4/ide5 when creating hd[k-l], closes: #80828
   * fix backwards sunmouse/mouse linking, closes: #80871, #83035
   * make /dev/random writeable, as per Ted Ts'o, closes: #81748
   * add initial support for mips, closes: #82345
   * add support for cpu/microcode, closes: #82720
Files: 
 91d1e25722a77ffeac251c566a0b39ed 591 base required makedev_2.3.1-51.dsc
 7ebcbd320ed2093e0f52e231c8e9d3b0 28535 base required makedev_2.3.1-51.diff.gz
 5e4a3e5b558a76b56867f9182efdaf94 27800 base required makedev_2.3.1-51_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6f4GvZKfAp/LPAagRArJPAJ4jA59Mte9wccb4s6pwAxZ47wWofwCdHDuC
IJ3/+N5KjB/KLfWR6uiVQ2g=
=LMk3
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.