From 0e2c115b95423e6d8dc2ca8d0178b71a87f6717b Mon Sep 17 00:00:00 2001
From: Sheldon Hearn <sheldonh@FreeBSD.org>
Date: Mon, 24 Jul 2000 15:14:47 +0000
Subject: [PATCH] Close a window of readability when creating the entropy seed
 file, which must not be world-readable.

---
 etc/rc.shutdown | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/etc/rc.shutdown b/etc/rc.shutdown
index b2af1196335..6c54aec77cf 100644
--- a/etc/rc.shutdown
+++ b/etc/rc.shutdown
@@ -34,10 +34,12 @@ case ${entropy_file} in
 *)
 	echo "Writing entropy file."
 	rm -f ${entropy_file}
+	oumask=`umask`
+	umask 077
 	touch ${entropy_file} && \
-		chmod 600 ${entropy_file} && \
 		dd if=/dev/random of=${entropy_file} \
 		   bs=4096 count=1 2> /dev/null
+	umask ${oumask}
 	;;
 esac