Why is /dev/urandom only readable by root since Ubuntu 12.04 and how can I "fix" it?

Posted by Joe Hopfgartner on Server Fault See other posts from Server Fault or by Joe Hopfgartner
Published on 2012-05-22T10:50:17Z Indexed on 2012/06/21 9:18 UTC
Read the original article Hit count: 181

I used to work with Ubuntu 10.04 templates on a lot of servers. Since changing to 12.04 I have problems that I've now isolated.

The /dev/urandom device is only accessible to root.

This caused SSL engines, at least in PHP, for example file_get_contents(https://... to fail.

It also broke redmine.

After a chmod 644 it works fine, but that doesnt stay upon reboot.

So my question.

  1. why is this? I see no security risk because... i mean.. wanna steal some random data?

  2. How can I "fix" it? The servers are isolated and used by only one application, thats why I use openvz. I think about something like a runlevel script or so... but how do I do it efficiently? Maby with dpkg or apt?

  3. The same goes vor /dev/shm. in this case i totally understand why its not accessible, but I assume I can "fix" it the same way to fix /dev/urandom

© Server Fault or respective owner

Related posts about linux

Related posts about ubuntu