Author: delphij
Date: Sat May 27 06:24:06 2017
New Revision: 318975
URL: https://svnweb.freebsd.org/changeset/base/318975
Log:
Tighten /entropy permissions.
PR: 219527
Reported by: Lu Tung-Pin <lutungpin at openmailbox.org>
Submitted by: jilles
MFC after: 3 days
Modified:
head/etc/rc.d/random
Modified: head/etc/rc.d/random
==============================================================================
--- head/etc/rc.d/random Sat May 27 02:07:22 2017 (r318974)
+++ head/etc/rc.d/random Sat May 27 06:24:06 2017 (r318975)
@@ -20,12 +20,14 @@ saveseed_cmd="${name}_stop"
save_dev_random()
{
+ oumask=`umask`
+ umask 077
for f ; do
- if :>>"$f" ; then
- debug "saving entropy to $f"
- dd if=/dev/random of="$f" bs=4096 count=1 2>/dev/null
- fi
+ debug "saving entropy to $f"
+ dd if=/dev/random of="$f" bs=4096 count=1 status=none &&
+ chmod 600 "$f"
done
+ umask ${oumask}
}
feed_dev_random()
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
