Why is /dev/urandom only readable by root since Ubuntu 12.04 and how can I "fix" it?
Posted
by
Joe Hopfgartner
on Server Fault
See other posts from Server Fault
or by Joe Hopfgartner
Published on 2012-05-22T10:50:17Z
Indexed on
2012/06/21
9:18 UTC
Read the original article
Hit count: 181
I used to work with Ubuntu 10.04 templates on a lot of servers. Since changing to 12.04 I have problems that I've now isolated.
The /dev/urandom device is only accessible to root.
This caused SSL engines, at least in PHP, for example file_get_contents(https://... to fail.
It also broke redmine.
After a chmod 644 it works fine, but that doesnt stay upon reboot.
So my question.
why is this? I see no security risk because... i mean.. wanna steal some random data?
How can I "fix" it? The servers are isolated and used by only one application, thats why I use openvz. I think about something like a runlevel script or so... but how do I do it efficiently? Maby with dpkg or apt?
The same goes vor /dev/shm. in this case i totally understand why its not accessible, but I assume I can "fix" it the same way to fix /dev/urandom
© Server Fault or respective owner