From 290f2a74c2e2140aa78016aeeb066d447a801ecd Mon Sep 17 00:00:00 2001
From: Samuel Thibault <samuel.thibault@ens-lyon.org>
Date: Fri, 12 Aug 2011 02:35:01 +0200
Subject: Avoid /tmp/entropy.sock compromision

  * local/setup-translators: Set up entropy socket in /var/run instead of
    /tmp, as the latter is world-writable.
---
 debian/changelog               | 2 ++
 debian/local/setup-translators | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

(limited to 'debian')

diff --git a/debian/changelog b/debian/changelog
index 515f0af1..06bb0487 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,8 @@ hurd (20110519-4) UNRELEASED; urgency=low
 
   * local/setup-translators: Restore /dev/shm creation.
   * patches/libdiskfs_sync.patch: New patch to fix sync at shutdown.
+  * local/setup-translators: Set up entropy socket in /var/run instead of
+    /tmp, as the latter is world-writable.
 
  -- Samuel Thibault <sthibault@debian.org>  Mon, 01 Aug 2011 22:53:23 +0200
 
diff --git a/debian/local/setup-translators b/debian/local/setup-translators
index 17d0a28a..6bd2f1d1 100755
--- a/debian/local/setup-translators
+++ b/debian/local/setup-translators
@@ -145,8 +145,8 @@ else
 	md ptyq
 	md lprX 0123
 	md comX 0123
-	st random 'random /tmp/entropy.sock' random
-	st urandom 'random -u /tmp/entropy.sock' urandom
+	st random 'random /var/run/entropy.sock' random
+	st urandom 'random -u /var/run/entropy.sock' urandom
 fi
 
 st kbd 'symlink cons/kbd' kbd
-- 
cgit v1.2.3