[openssl-users] Session params output fails via cron
Jordan Brown
openssl at jordan.maileater.net
Mon Jan 7 21:26:56 UTC 2019
[ Off topic for OpenSSL... ]
On 1/7/2019 8:06 AM, Jakob Bohm via openssl-users wrote:
> A chroot with no other reason to open /dev/null should not contain that
> file name, even on unix-like platforms (least privilege chroot design).
There's always a first reason :-)
But also: /dev/null is part of the definition of UNIX
<http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap10.html#tag_10_01>.
Programs have every right to expect that it will be there. Yes, you can
build a chroot environment that doesn't include it... but then you can't
complain when programs don't work in your environment. You can also
build an environment that doesn't include system libraries, and there
are reasons to do so, but few programs will work in it.
Looking at Solaris, about 15% of the programs in /usr/bin and 5% of the
libraries in /usr/lib have a reference to /dev/null.
--
Jordan Brown, Oracle Solaris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190107/054d300f/attachment.html>
More information about the openssl-users
mailing list