Ping a Specific Port

Question

profy

Asked: 2010-02-16 14:10:59 +0800 CST2010-02-16 14:10:59 +0800 CST 2010-02-16 14:10:59 +0800 CST

/dev/null , /dev/random and chrooted bind

772

Hy,

Why a chrooted bind need to mknod dev/null and dev/random ?

Howto say it's necessary but without explain reasons, I administrate chrooted bind servers without theses options, and all seems to work perfectly ...

Thanks for your answers.

1 Answers

Voted

mpez0 · Answer 1 · 2010-02-16T14:24:24+08:00

Best Answer

mpez0

2010-02-16T14:24:24+08:002010-02-16T14:24:24+08:00

Many programs and libraries open /dev/null, /dev/zero, or /dev/random. If whatever you're running in the chrooted jail needs those pseudo-devices, they need to be present inside the jail. If they are not included, an application may work for a while and then die (when the pseudo device open fails).

You can check your binaries (including dynamic libraries) and see if the devices are mentioned. From a security standpoint, it's difficult to see any negative implications from /dev/null or /dev/zero. If I was being paranoid, or doing covert channel analysis (not that there's that much difference), I'd want to look at the specific implementation of /dev/random.

1

/dev/null , /dev/random and chrooted bind

Ping a Specific Port

How do I tell Git for Windows where to find my private RSA key?

How do you restart php-fpm?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?