diff -urNp strongswan-5.2.0dr4-patched/src/charon/charon.c strongswan-5.2.0dr4-current/src/charon/charon.c
--- strongswan-5.2.0dr4-patched/src/charon/charon.c	2014-05-22 16:14:28.761324384 -0400
+++ strongswan-5.2.0dr4-current/src/charon/charon.c	2014-05-22 16:19:00.239224819 -0400
@@ -229,7 +229,7 @@ static bool check_pidfile()
 	}
 
 	/* create new pidfile */
-	pidfile = fopen(PID_FILE, "w");
+	pidfile = fopen(PID_FILE, "we");
 	if (pidfile)
 	{
 		ignore_result(fchown(fileno(pidfile),
diff -urNp strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/random/random_plugin.c strongswan-5.2.0dr4-current/src/libstrongswan/plugins/random/random_plugin.c
--- strongswan-5.2.0dr4-patched/src/libstrongswan/plugins/random/random_plugin.c	2014-05-22 16:14:28.738324392 -0400
+++ strongswan-5.2.0dr4-current/src/libstrongswan/plugins/random/random_plugin.c	2014-05-22 16:19:00.239224819 -0400
@@ -83,7 +83,7 @@ bool random_plugin_get_strong_equals_tru
  */
 static bool open_dev(char *file, int *fd)
 {
-	*fd = open(file, O_RDONLY);
+	*fd = open(file, O_RDONLY | O_CLOEXEC);
 	if (*fd == -1)
 	{
 		DBG1(DBG_LIB, "opening \"%s\" failed: %s", file, strerror(errno));