[Pkg-chromium-maint] Bug#770659: The cause seems to be access to /dev/urandom
Jeremy Lainé
jeremy.laine at m4x.org
Thu Jul 30 08:51:34 UTC 2015
Hello,
I have finally managed to get chromium to work with the a patched
version of libsrtp!
The trick is to use fopen(3) to open /dev/urandom instead of open(2) in
libsrtp. Chromium's sandbox allows fopen(3) to be called on /dev/urandom
for NSS's random number generator to work. If we use the same mechanism
for libsrtp, we also get a working random number generator.
The call to setvbuf(3) is used to operate in unbuffered mode, otherwise
calls
to fread(3) will return more data than wanted, unnecessarily draining the
entropy pool, see: https://bugzilla.mozilla.org/show_bug.cgi?id=927230
The same patch works both with libsrtp 1.4.5 (stable, testing, unstable)
and 1.5.2 (experimental).
Cheers,
Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2003_use_fopen_for_chromium_sandbox.patch
Type: text/x-patch
Size: 2449 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-chromium-maint/attachments/20150730/e88261b3/attachment.bin>
More information about the Pkg-chromium-maint
mailing list