~ruther/guix-local: services: urandom-seed: Set umask to 077 while shutting down.

8fe5d95e6653a8ca2f40048b71bb596c80bb264f — Leo Famulari 9 years ago df2dd07

services: urandom-seed: Set umask to 077 while shutting down.

* gnu/services/base.scm (urandom-seed-shepherd-service): Call 'umask'.

patch browse .tar.gz

1 files changed, 6 insertions(+), 4 deletions(-)

M gnu/services/base.scm

M gnu/services/base.scm => gnu/services/base.scm +6 -4

@@ 460,10 460,12 @@ stopped before 'kill' is called."
                    (let ((buf (make-bytevector 512)))
                      (call-with-input-file "/dev/urandom"
                        (lambda (urandom)
-                         (get-bytevector-n! urandom buf 0 512)
-                         (call-with-output-file #$%random-seed-file
-                           (lambda (seed)
-                             (put-bytevector seed buf)))
+                         (let ((previous-umask (umask #o077)))
+                           (get-bytevector-n! urandom buf 0 512)
+                           (call-with-output-file #$%random-seed-file
+                             (lambda (seed)
+                               (put-bytevector seed buf)))
+                           (umask previous-umask))
                          #t)))))
          (modules `((rnrs bytevectors)
                     (rnrs io ports)