From 35c873fe47ead7841a284da22bf4a7f23a70d49f Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Sat, 3 Jun 2017 22:33:36 +0000
Subject: [PATCH] Immediately after mounting / read-write, chmod og-rwx the
 kernel.  Remote prying eyes were already been hindered at determining kernel
 addresses, now local prying eyes are also hindered. ok tb rpe

---
 src/etc/rc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/etc/rc b/src/etc/rc
index e2ade104..cc8a200b 100644
--- a/src/etc/rc
+++ b/src/etc/rc
@@ -1,4 +1,4 @@
-#	$OpenBSD: rc,v 1.498 2017/05/30 12:04:26 tb Exp $
+#	$OpenBSD: rc,v 1.499 2017/06/03 22:33:36 deraadt Exp $
 
 # System startup script run by init on autoboot or after single-user.
 # Output and error are redirected to console by init, and the console is the
@@ -342,6 +342,7 @@ mount -a -t nonfs,vnd
 # Re-mount the root filesystem read/writeable. (root on nfs requires this,
 # others aren't hurt.)
 mount -uw /
+chmod og-rwx /bsd
 
 rm -f /fastboot