From 252b38ab8a62ff083e83b1d6f514109f7b7cbb42 Mon Sep 17 00:00:00 2001
From: Jan Friesse <jfriesse@redhat.com>
Date: Tue, 20 Jan 2015 10:24:34 +0100
Subject: [PATCH] corosync_ring_id_store: Use safer permissions

corosync_ring_id_store should use same (safer) permissions as
corosync_ring_id_create_or_load for (eventually) newly created ringid
file.

Credit to Sjerek for finding this problem.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
---
 exec/main.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/exec/main.c b/exec/main.c
index cd972b5..85c74ee 100644
--- a/exec/main.c
+++ b/exec/main.c
@@ -782,9 +782,9 @@ static void corosync_ring_id_store (
 	snprintf (filename, sizeof(filename), "%s/ringid_%s",
 		get_run_dir(), totemip_print (addr));
 
-	fd = open (filename, O_WRONLY, 0777);
+	fd = open (filename, O_WRONLY, 0700);
 	if (fd == -1) {
-		fd = open (filename, O_CREAT|O_RDWR, 0777);
+		fd = open (filename, O_CREAT|O_RDWR, 0700);
 	}
 	if (fd == -1) {
 		LOGSYS_PERROR(errno, LOGSYS_LEVEL_ERROR,
-- 
1.7.1