No, writing to /dev/random does not feed update entropy estimate. It
does mix data into the pool, but the mixing algorithm is designed so
that you can do no harm by mixing any data into the pool --- even nasty
data chosen by an attacker. Hence, allowing someone to write into
/dev/random is perfectly safe; it can cause no damage, and might improve
things. That's why /dev/random should be world-writable.
There is a separate ioctl which requires root privs to atomically mix
data into the pool and update the entropy estimate. That's the
interface which is supposed to be used by trusted daemons which pull
data from various hardware devices, and feed them into /dev/random.
So writing is safe. How about ioctls. Some may indeed influence the
entropy pool. But they are already protected by the CAP_SYS_ADMIN
capability, so even root in a virtual private server can't use them.