From d5af9ca8a272d071adc7df31fa3cbf442b0dd9f4 Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Thu, 17 Apr 2008 19:03:25 +0000
Subject: [PATCH] before using them, force hostname.* files to be unreadable by world first version from todd, ok millert
---
 src/etc/netstart | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/etc/netstart b/src/etc/netstart
index 2f37099d..4f98acc3 100644
--- a/src/etc/netstart
+++ b/src/etc/netstart
@@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-# $OpenBSD: netstart,v 1.118 2008/01/17 12:36:33 brad Exp $
+# $OpenBSD: netstart,v 1.119 2008/04/17 19:03:25 deraadt Exp $
 
 # Strip comments (and leading/trailing whitespace if IFS is set)
 # from a file and spew to stdout
@@ -35,6 +35,11 @@ ifstart() {
 return
 fi
 
+ file=/etc/hostname.$if
+ if [ "$(stat -f "%SLp" $file)" != "---" ]; then
+ echo "WARNING: $file is insecure, fixing permissions"
+ chmod o-rwx $file
+ fi
 ifconfig $if > /dev/null 2>&1
 if [ "$?" != "0" ]; then
 # Try to create interface if it does not exist
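Review bot: The added check in ifstart() compares only the "other" permission triplet (`stat -f "%SLp"`) and then uses the file regardless, so a hostname.$if that is group-writable or not owned by root still passes, and a failed `chmod` goes unnoticed. If netstart acts on the file's contents as root (not visible in this hunk), ownership and write bits deserve the same check as world-readability, and the `chmod` result should be tested, e.g. `chmod o-rwx "$file" || echo "WARNING: could not fix permissions on $file"`. When `stat` cannot run (it may sit on a filesystem that is not yet mounted this early in boot; worth confirming), the substitution is empty, so the warning and `chmod` fire for every interface on every boot. `$file` should also be quoted in both the `stat` and `chmod` calls. ifstart() begins and ends outside the hunk.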