From 23d54565a3654653f46d0e3d0aced23162f9daed Mon Sep 17 00:00:00 2001
From: sheldonh <sheldonh@FreeBSD.org>
Date: Mon, 24 Jul 2000 15:14:47 +0000
Subject: Close a window of readability when creating the entropy seed file,
 which must not be world-readable.

---
 etc/rc.shutdown | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'etc/rc.shutdown')

diff --git a/etc/rc.shutdown b/etc/rc.shutdown
index b2af119..6c54aec 100644
--- a/etc/rc.shutdown
+++ b/etc/rc.shutdown
@@ -34,10 +34,12 @@ case ${entropy_file} in
 *)
 	echo "Writing entropy file."
 	rm -f ${entropy_file}
+	oumask=`umask`
+	umask 077
 	touch ${entropy_file} && \
-		chmod 600 ${entropy_file} && \
 		dd if=/dev/random of=${entropy_file} \
 		   bs=4096 count=1 2> /dev/null
+	umask ${oumask}
 	;;
 esac
 
-- 
cgit v1.1