by throwaway0010
4349 days ago
"The motivation behind the new system call has more to do with chroot environments, where the device might not be available at all." Why wouldn't one simply create the appropriate device node inside the chroot? This argument strikes me as nonsense.

Forcing urandom to exist also precludes mounting partitions 'nodev', which has security implications in a chroot environment.
Lastly, relying on a device file makes you prone to things like fd exhaustion attacks.
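
The descriptor-exhaustion point in the reply above, as an added example that is not part of the thread: it reads 32 random bytes through `/dev/urandom` and through `getrandom()` while the process has no free file descriptors. The function names are hypothetical, a soft `RLIMIT_NOFILE` of 0 stands in for exhaustion, and Linux with glibc 2.25 or later is assumed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/random.h>
#include <sys/resource.h>
#include <unistd.h>

/* Device-node path. Requests of <= 256 bytes complete in one call.
 * Returns 0 or -errno. */
int rand_from_device(unsigned char *buf, size_t len)
{
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0)
        return -errno;  /* ENOENT: no node in the chroot; EMFILE: no free fd */
    ssize_t n = read(fd, buf, len);
    int rc = (n == (ssize_t)len) ? 0 : (n < 0 ? -errno : -EIO);
    close(fd);
    return rc;
}

/* getrandom(2) path: no path lookup and no descriptor. Returns 0 or -errno. */
int rand_from_syscall(unsigned char *buf, size_t len)
{
    ssize_t n = getrandom(buf, len, 0);
    return (n == (ssize_t)len) ? 0 : (n < 0 ? -errno : -EIO);
}

/* Run reader with this process's soft RLIMIT_NOFILE dropped to 0 (a stand-in
 * for descriptor exhaustion), then restore the limit. */
int under_fd_exhaustion(int (*reader)(unsigned char *, size_t))
{
    struct rlimit old, tight;
    unsigned char buf[32];
    if (getrlimit(RLIMIT_NOFILE, &old) != 0) return -errno;
    tight = old;
    tight.rlim_cur = 0;
    if (setrlimit(RLIMIT_NOFILE, &tight) != 0) return -errno;
    int rc = reader(buf, sizeof buf);
    setrlimit(RLIMIT_NOFILE, &old);
    return rc;
}

int main(void)
{
    printf("/dev/urandom: %d\n", under_fd_exhaustion(rand_from_device));
    printf("getrandom():  %d\n", under_fd_exhaustion(rand_from_syscall));
    return 0;
}
```

Code that must keep a device-file fallback should treat a failed `open()` as a hard error rather than continuing with a weaker seed.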