Author: delphij
Date: Wed May 31 05:00:02 2017
New Revision: 319275
URL: https://svnweb.freebsd.org/changeset/base/319275
Log:
MFC r318975:
Tighten /entropy permissions.
PR: 219527
Reported by: Lu Tung-Pin <lutungpin at openmailbox.org>
Submitted by: jilles
Modified:
stable/11/etc/rc.d/random
Directory Properties:
stable/11/ (props changed)
Modified: stable/11/etc/rc.d/random
==============================================================================
--- stable/11/etc/rc.d/random Wed May 31 03:44:31 2017 (r319274)
+++ stable/11/etc/rc.d/random Wed May 31 05:00:02 2017 (r319275)
@@ -20,12 +20,14 @@ saveseed_cmd="${name}_stop"
save_dev_random()
{
+ oumask=`umask`
+ umask 077
for f ; do
- if :>>"$f" ; then
- debug "saving entropy to $f"
- dd if=/dev/random of="$f" bs=4096 count=1 2>/dev/null
- fi
+ debug "saving entropy to $f"
+ dd if=/dev/random of="$f" bs=4096 count=1 status=none &&
+ chmod 600 "$f"
done
+ umask ${oumask}
}
feed_dev_random()
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
