-
Apollon Oikonomopoulos authored
Since the config backup archive contains sensitive information and is written in world-readable locations (/var/lib by default), it should be created in a safe way and with strict permissions. This commit uses a temporary file to tackle two issues: the relaxed permissions of the archive which respected the umask of the user running `gnt-cluster upgrade' and a (possible) collision attack using a pre-created file with the predictable backup filename. Signed-off-by: Apollon Oikonomopoulos <apoikos@gmail.com> Reviewed-by: Helga Velroyen <helgav@google.com>
a89f62e2