Comment 2 for bug 1397652

udev doesn't change permissions on these devices, that's a kernel default (devtmpfs). However, why is that bad? As far as I know, the devices are writable for non-root users so that you can have usespace daemons like haveged for additional entropy data (but not increase it -- that's a separate ioctl(RNDADDENTROPY) which is limited to root, so that users can't make entropy any worse). So I think this is by design, but I keep this open in case you see an actual issue here? Thanks!