core: be more paranoid when mixing umask and fopen()

Let's be extra careful with the umask when we use simple fopen(), as this creates files with 0777 by default.
author: Lennart Poettering <lennart@poettering.net> 2016-04-07 16:15:26 +0200
committer: Lennart Poettering <lennart@poettering.net> 2016-04-12 13:43:32 +0200
commit: 8612da973d30c5a9530fa1b6b3d449147b5a3324 (patch)
tree: 391c71ae6c9bd01e69ed98e39b8cbc72e3f07572 /src/core/main.c
parent: 4f4afc88ecd8ab9cfe9e1eeea7e3aeb937811937 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/src/core/main.c b/src/core/main.c
index a428e345e0..2912608435 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -81,6 +81,7 @@
 #include "strv.h"
 #include "switch-root.h"
 #include "terminal-util.h"
+#include "umask-util.h"
 #include "user-util.h"
 #include "virt.h"
 #include "watchdog.h"
@@ -1237,7 +1238,8 @@ static int write_container_id(void) {
         if (isempty(c))
                 return 0;
 
-        r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
+        RUN_WITH_UMASK(0022)
+                r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
         if (r < 0)
                 return log_warning_errno(r, "Failed to write /run/systemd/container, ignoring: %m");
author	Lennart Poettering <lennart@poettering.net>	2016-04-07 16:15:26 +0200
committer	Lennart Poettering <lennart@poettering.net>	2016-04-12 13:43:32 +0200
commit	8612da973d30c5a9530fa1b6b3d449147b5a3324 (patch)
tree	391c71ae6c9bd01e69ed98e39b8cbc72e3f07572 /src/core/main.c
parent	4f4afc88ecd8ab9cfe9e1eeea7e3aeb937811937 (diff)