Close a window of readability when creating the entropy seed file,

which must not be world-readable.
2026-06-11 01:30:30 -04:00 · 2000-07-24 15:14:47 +00:00 · 2000-07-24 15:14:47 +00:00 · 0e2c115b95
commit 0e2c115b95
parent 1b9735e6f2
1 changed files with 3 additions and 1 deletions
--- a/etc/rc.shutdown
+++ b/etc/rc.shutdown
@ -34,10 +34,12 @@ case ${entropy_file} in
 *)
 	echo "Writing entropy file."
 	rm -f ${entropy_file}
+	oumask=`umask`
+	umask 077
 	touch ${entropy_file} && \
-		chmod 600 ${entropy_file} && \
 		dd if=/dev/random of=${entropy_file} \
 		   bs=4096 count=1 2> /dev/null
+	umask ${oumask}
 	;;
 esac