Skip to Content [alt-c]

Blog

Comment

In reply to LibreSSL's PRNG is Unsafe on Linux [Update: LibreSSL fork fix]

Reader Richard Yao on 2014-07-15 at 19:16:

There is no such thing as a "chroot jail" on Linux. You mean a container using a mix of namespaces and device cgroups. I see no reason why /dev/urandom cannot be made available inside containers:

https://www.kernel.org/doc/Documentation/cgroups/devices.txt

If it is not there, the container is likely misconfigured.

Reply

Post a Reply

Your comment will be public. If you would like to contact me privately, please email me. Please keep your comment on-topic, polite, and comprehensible.

(Optional; will be published)

(Optional; will not be published)

(Optional; will be published)

  • Blank lines separate paragraphs.
  • Lines starting with ">" are indented as block quotes.
  • Lines starting with two spaces are reproduced verbatim.
  • Text surrounded by *asterisks* is italicized.
  • Text surrounded by `back ticks` is monospaced.
  • URLs are turned into links.
  • Use the Preview button to check your formatting.