Package: initscripts Version: 2.86.ds1-61 Severity: important Tags: patch Do not "rm -f $SAVEDFILE" This is important in the case where $SAVEDFILE is a symlink. Simply overwriting the file is easier and better.
This is #5 in a group of 5 patches for init.d/urandom. -- System Information: Debian Release: 5.0.5 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i586) Kernel: Linux 2.6.26.5 (PREEMPT) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash
>From 9f7283cb1bfc4747dc53984fc97cd2838146c194 Mon Sep 17 00:00:00 2001 From: John Denker <j...@av8n.com> Date: Sat, 11 Sep 2010 11:21:19 -0700 Subject: [PATCH 5/5] Do not "rm -f $SAVEDFILE" because that is a Bad Idea when $SAVEDFILE is a symlink. Overwriting the file is quite sufficient. --- urandom | 1 - 1 files changed, 0 insertions(+), 1 deletions(-) diff --git a/urandom b/urandom index ac1c06e..08a9fe8 100755 --- a/urandom +++ b/urandom @@ -58,7 +58,6 @@ case "$1" in then cat "$SAVEDFILE" >/dev/urandom fi - rm -f $SAVEDFILE # Write a new seed into $SAVEDFILE because re-using a seed # compromises security. Each time we re-seed, we want the # seed to be as different as possible. -- 1.7.0.4