FWIW, Debian #81748 explains why it's safe to have world-writable
/dev/{u,}random devices.** Bug watch added: Debian Bug tracker #81748 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=81748 ** Also affects: makedev (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=81748 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1397652 Title: /dev/random and /dev/urandom world writeable Status in linux package in Ubuntu: Invalid Status in manpages package in Ubuntu: Fix Released Status in makedev package in Debian: Unknown Bug description: It looks like in 14.04.1 that /dev/random and /dev/urandom are world- writeable. This occurs in at least 14.04.1 Desktop for AMD64 and Server for i386 $ ls -l /dev/*random crw-rw-rw- 1 root root 1, 8 Nov 25 10:44 /dev/random crw-rw-rw- 1 root root 1, 9 Nov 25 10:44 /dev/urandom As far as I know, they should be 664 or 644. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: base-files 7.2ubuntu5.1 ProcVersionSignature: Ubuntu 3.13.0-40.69-generic 3.13.11.10 Uname: Linux 3.13.0-40-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Sun Nov 30 12:06:43 2014 Dependencies: InstallationDate: Installed on 2014-10-26 (34 days ago) InstallationMedia: Ubuntu 14.04.1 LTS "Trusty Tahr" - Release amd64 (20140722.2) SourcePackage: base-files UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1397652/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
