From 2146307e1f424fd315201b1dad411050ae1f5c3b Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 14 May 2019 13:55:41 +0200 Subject: [PATCH] core: fix file permissions for "/var/lib/NetworkManager/secret_key" Ooherwise, the file has wrong permissions: # ls -la /var/lib/NetworkManager/secret_key ----r-xr-x. 1 root root 50 May 14 13:52 /var/lib/NetworkManager/secret_key Luckily, /var/lib/NetworkManager should be already # ls -lad /var/lib/NetworkManager drwx------. 2 root root 8192 May 14 13:57 /var/lib/NetworkManager which mitigates this a bit. Fixes: dbcb1d6d97c6 ('core: let nm_utils_secret_key_read() handle failures internally') https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/175 (cherry picked from commit dc3a2f9bc4c35030bcaf9e81953daf7894ab62b6) (cherry picked from commit 2d46247c6ac6f89a0b8bac86d684431c07dc6c8e) (cherry picked from commit 7a0f8520ffd2173d0912e8cbdd192bc232e92a43) (cherry picked from commit 869ac551cff99162fda1eb614bf2c45bfc3e5321) --- src/nm-core-utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/nm-core-utils.c b/src/nm-core-utils.c index 54ccdb836d..80db196cec 100644 --- a/src/nm-core-utils.c +++ b/src/nm-core-utils.c @@ -2838,7 +2838,7 @@ _secret_key_read (guint8 **out_secret_key, goto out; } - if (!nm_utils_file_set_contents (NMSTATEDIR "/secret_key", (char *) secret_key, key_len, 0077, &error)) { + if (!nm_utils_file_set_contents (NMSTATEDIR "/secret_key", (char *) secret_key, key_len, 0600, &error)) { nm_log_warn (LOGD_CORE, "secret-key: failure to persist secret key in \"%s\" (%s) (use non-persistent key)", NMSTATEDIR "/secret_key", error->message); success = FALSE;