On Thu, Jan 9, 2014 at 1:37 AM, Seth Arnold <email address hidden> wrote:
> - pollen uses os.Create() to open the /dev/urandom may create a regular
> file if /dev/urandom doesn't exist for whatever reason -- it'd be worth
> checking the opened file to ensure it isn't a regular file. Either a
> check for specific major/minors of character devices or just a check for
> "not a regular file" would work; the first would be least surprising,
> the second may allow something clever.
Hmm, okay. That seems unlikely, but I think we can guard against this.
I decided to tackle this from a different directly, though. I've
solved this in the upstart script that runs pollen, by testing that
$DEVICE is in fact a character device. This involved a couple of
other changes (which are useful/necessary), including making the
DEVICE itself an argument to the pollen server itself.
Committed revision 171.
As a side note, the Pollen argv handling could be more robust. For
now, it's documented in the manpage that all of these arguments are
required.
On Thu, Jan 9, 2014 at 1:37 AM, Seth Arnold <email address hidden> wrote:
> - pollen uses os.Create() to open the /dev/urandom may create a regular
> file if /dev/urandom doesn't exist for whatever reason -- it'd be worth
> checking the opened file to ensure it isn't a regular file. Either a
> check for specific major/minors of character devices or just a check for
> "not a regular file" would work; the first would be least surprising,
> the second may allow something clever.
Hmm, okay. That seems unlikely, but I think we can guard against this.
I decided to tackle this from a different directly, though. I've
solved this in the upstart script that runs pollen, by testing that
$DEVICE is in fact a character device. This involved a couple of
other changes (which are useful/necessary), including making the
DEVICE itself an argument to the pollen server itself.
Committed revision 171.
As a side note, the Pollen argv handling could be more robust. For
now, it's documented in the manpage that all of these arguments are
required.
:-Dustin