Why is /dev/urandom only readable by root since Ubuntu 12.04 and how can I "fix" it?
- by Joe Hopfgartner
I used to work with Ubuntu 10.04 templates on a lot of servers.
Since changing to 12.04 I have problems that I've now isolated.
The /dev/urandom device is only accessible to root.
This caused SSL engines, at least in PHP, for example file_get_contents(https://... to fail.
It also broke redmine.
After a chmod 644 it works fine, but that doesnt stay upon reboot.
So my question.
why is this? I see no security risk because... i mean.. wanna steal some random data?
How can I "fix" it? The servers are isolated and used by only one application, thats why I use openvz. I think about something like a runlevel script or so... but how do I do it efficiently? Maby with dpkg or apt?
The same goes vor /dev/shm. in this case i totally understand why its not accessible, but I assume I can "fix" it the same way to fix /dev/urandom