corosync_ring_id_store should use same (safer) permissions as corosync_ring_id_create_or_load for (eventually) newly created ringid file. Signed-off-by: Jan Friesse <jfriesse@xxxxxxxxxx> --- exec/main.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/exec/main.c b/exec/main.c index cd972b5..85c74ee 100644 --- a/exec/main.c +++ b/exec/main.c @@ -782,9 +782,9 @@ static void corosync_ring_id_store ( snprintf (filename, sizeof(filename), "%s/ringid_%s", get_run_dir(), totemip_print (addr)); - fd = open (filename, O_WRONLY, 0777); + fd = open (filename, O_WRONLY, 0700); if (fd == -1) { - fd = open (filename, O_CREAT|O_RDWR, 0777); + fd = open (filename, O_CREAT|O_RDWR, 0700); } if (fd == -1) { LOGSYS_PERROR(errno, LOGSYS_LEVEL_ERROR, -- 1.7.1 _______________________________________________ discuss mailing list discuss@xxxxxxxxxxxx http://lists.corosync.org/mailman/listinfo/discuss