Python's os.open() defaults to mode 0777 if not explicitly specified. Disk image files don't need to be executable, and having them world readable isn't an ideal situation either. Owner writable and group readable is probably more than sufficient when initially creating them. Signed-off-by: Ron Lee <ron@xxxxxxxxxx> --- virtinst/diskbackend.py | 4 ++-- virtinst/urlfetcher.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/virtinst/diskbackend.py b/virtinst/diskbackend.py index 5f72d00..2c74a11 100644 --- a/virtinst/diskbackend.py +++ b/virtinst/diskbackend.py @@ -383,7 +383,7 @@ class StorageCreator(_StorageBase): sparse = True fd = None try: - fd = os.open(self._path, os.O_WRONLY | os.O_CREAT) + fd = os.open(self._path, os.O_WRONLY | os.O_CREAT, 0640) os.ftruncate(fd, size_bytes) finally: if fd: @@ -401,7 +401,7 @@ class StorageCreator(_StorageBase): try: try: src_fd = os.open(self._clone_path, os.O_RDONLY) - dst_fd = os.open(self._path, os.O_WRONLY | os.O_CREAT) + dst_fd = os.open(self._path, os.O_WRONLY | os.O_CREAT, 0640) i = 0 while 1: diff --git a/virtinst/urlfetcher.py b/virtinst/urlfetcher.py index 3f2744b..4e61814 100644 --- a/virtinst/urlfetcher.py +++ b/virtinst/urlfetcher.py @@ -67,7 +67,7 @@ class _ImageFetcher(object): prefix = "virtinst-" + prefix if "VIRTINST_TEST_SUITE" in os.environ: fn = os.path.join(".", prefix) - fd = os.open(fn, os.O_RDWR | os.O_CREAT) + fd = os.open(fn, os.O_RDWR | os.O_CREAT, 0640) else: (fd, fn) = tempfile.mkstemp(prefix=prefix, dir=self.scratchdir) -- 2.0.0.rc2 _______________________________________________ virt-tools-list mailing list virt-tools-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/virt-tools-list