Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 13 Mar 2013 09:10:38 +0000
From: Tim Brown <>
Subject: Re: Linux kernel + devtmpfs automount == insecure /dev/{,u}random mode

On Wednesday 13 Mar 2013 08:35:54 wrote:


> The obvious fix is to create these devices with mode 0644,
> so only root will be able to re-initialize the entropy pool.

On Debian at least:


> Possibly, this even deserves a CVE to be assigned...

Tim Brown

Download attachment "signature.asc " of type "application/pgp-signature" (837 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ