diff options
author | delphij <delphij@FreeBSD.org> | 2017-05-31 05:00:02 +0000 |
---|---|---|
committer | delphij <delphij@FreeBSD.org> | 2017-05-31 05:00:02 +0000 |
commit | 8d40f02e444217a2f8eea0b4e39792769a4c3fd8 (patch) | |
tree | 98afc5bddf46f1702a0d75cfaff841a2b0caa293 | |
parent | 43460b6809aa848955814e91a181de083c1d6ad0 (diff) | |
download | FreeBSD-src-8d40f02e444217a2f8eea0b4e39792769a4c3fd8.zip FreeBSD-src-8d40f02e444217a2f8eea0b4e39792769a4c3fd8.tar.gz |
MFC r318975:
Tighten /entropy permissions.
PR: 219527
Reported by: Lu Tung-Pin <lutungpin at openmailbox.org>
Submitted by: jilles
-rwxr-xr-x | etc/rc.d/random | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/etc/rc.d/random b/etc/rc.d/random index 1e4e5b2..9762c9d 100755 --- a/etc/rc.d/random +++ b/etc/rc.d/random @@ -20,12 +20,14 @@ saveseed_cmd="${name}_stop" save_dev_random() { + oumask=`umask` + umask 077 for f ; do - if :>>"$f" ; then - debug "saving entropy to $f" - dd if=/dev/random of="$f" bs=4096 count=1 2>/dev/null - fi + debug "saving entropy to $f" + dd if=/dev/random of="$f" bs=4096 count=1 status=none && + chmod 600 "$f" done + umask ${oumask} } feed_dev_random() |