debian/udpkey.initramfs-hook: Ensure seed is not publicly readable.

author Mark Wooding <mdw@distorted.org.uk>

Sat, 29 Jun 2013 16:27:24 +0000 (17:27 +0100)

committer Mark Wooding <mdw@distorted.org.uk>

Sat, 29 Jun 2013 16:30:07 +0000 (17:30 +0100)
author Mark Wooding <mdw@distorted.org.uk>
Sat, 29 Jun 2013 16:27:24 +0000 (17:27 +0100)
committer Mark Wooding <mdw@distorted.org.uk>
Sat, 29 Jun 2013 16:30:07 +0000 (17:30 +0100)
diff --git a/debian/udpkey.initramfs-hook b/debian/udpkey.initramfs-hook

index 33be1c4375e4c8d1ac5d37652fd42ba2ea634cc3..0f3abf453c23c0005249a9c1142a1245c2f4f8cd 100755 (executable)
--- a/debian/udpkey.initramfs-hook
+++ b/debian/udpkey.initramfs-hook
@@ -15,4 +15,5 @@ esac
  
  copy_exec /usr/bin/udpkey
  cp -r /etc/udpkey $DESTDIR/etc/
-dd if=/dev/random of=$DESTDIR/etc/udpkey/seed bs=1 count=32
+
+(umask 077 && dd if=/dev/random of=$DESTDIR/etc/udpkey/seed bs=1 count=32)
author	Mark Wooding <mdw@distorted.org.uk>
	Sat, 29 Jun 2013 16:27:24 +0000 (17:27 +0100)
committer	Mark Wooding <mdw@distorted.org.uk>
	Sat, 29 Jun 2013 16:30:07 +0000 (17:30 +0100)