Assert that /dev/random and urandom are world-readable/writable.
This CL adds tests into CTS to assert that the Linux RNG character
devices /dev/random and /dev/urandom are world-readable and
world-writable. This is needed mainly to ensure that apps can use
/dev/urandom (and /dev/random) as sources of randomness.
Some of the existing CTS tests are already implicitly checking that
/dev/urandom is world-readable. However, it is time to stregthen the
contract and assert the world-readability/writability explicitly.
Bug: 10394220
(cherry picked from commit 85c3cbc1331f7198f8bbf9a923af7bbde0ce57c4)
Change-Id: I86beb388b2f84a9523c0264cb9b59f36a6dd7fb4
diff --git a/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java b/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
index 695e6e7..0757ba0 100644
--- a/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
+++ b/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
@@ -611,6 +611,24 @@
insecure.isEmpty());
}
+ public void testDevRandomWorldReadableAndWritable() throws Exception {
+ FileUtils.FileStatus status = new FileUtils.FileStatus();
+ assertTrue(FileUtils.getFileStatus("/dev/random", status, false));
+ assertTrue(
+ "/dev/random not world-readable/writable. Actual mode: 0"
+ + Integer.toString(status.mode, 8),
+ (status.mode & 0666) == 0666);
+ }
+
+ public void testDevUrandomWorldReadableAndWritable() throws Exception {
+ FileUtils.FileStatus status = new FileUtils.FileStatus();
+ assertTrue(FileUtils.getFileStatus("/dev/urandom", status, false));
+ assertTrue(
+ "/dev/urandom not world-readable/writable. Actual mode: 0"
+ + Integer.toString(status.mode, 8),
+ (status.mode & 0666) == 0666);
+ }
+
private static Set<File>
getAllInsecureBlockDevicesInDirAndSubdir(File dir) throws Exception {
assertTrue(dir.isDirectory());