[Linux-cluster] [PATCH] Fix ccsd /etc/cluster/cluster.conf file permissions

[Fabio Massimo Di Nitto]

Hi guys,
 not too long ago i found that ccsd was writing /etc/cluster/cluster.conf with 0666 permissions,
making the file r/w for all users. While it is still difficult for a user to inject the modified
configuration into the cluster, there is still an open window in which that might happen.

The patch in attachment (against RHEL4U1 branch, but it should apply clean allover) changes this
behavior to set proper permissions on the file.

Note that the use of open is required to set the proper permissions at file creation time.
The use of fopen has been changed to fdopen (to use the filedescriptor from open) since
xmlDocDump still requires a FILE *f as first argument.

Another note: i am not claiming this is the best solution/patch. it works here so review and
comments are appreciated.

How to reproduce:

A new node is added to the cluster. the new node does not have a cluster.conf and
as soon as ccsd is started, the configuration is fetched from the other nodes.
The resulting file has 0666 file permissions.

Thanks
Fabio

--
no signature file found.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: fixperm.diff
URL: <http://listman.redhat.com/archives/linux-cluster/attachments/20050609/ae8dd17e/attachment.ksh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/linux-cluster/attachments/20050609/ae8dd17e/attachment.sig>