Create the config backup archive in a safe way
author Apollon Oikonomopoulos <apoikos@gmail.com>
Fri, 1 Aug 2014 08:23:45 +0000 (11:23 +0300)
committer Helga Velroyen <helgav@google.com>
Tue, 5 Aug 2014 14:46:56 +0000 (16:46 +0200)
commit a89f62e2db9ccf715d64d1a6322474b54d2d9ae0
tree 8a552ab32993ec27d208e8e928f86e2d46f50407
parent 543839185c22d0dbff9ff57547470d39a35d2f5c
Create the config backup archive in a safe way

Since the config backup archive contains sensitive information and is
written in world-readable locations (/var/lib by default), it should be
created in a safe way and with strict permissions.

This commit uses a temporary file to tackle two issues: the relaxed
permissions of the archive which respected the umask of the user running
`gnt-cluster upgrade' and a (possible) collision attack using a
pre-created file with the predictable backup filename.

Signed-off-by: Apollon Oikonomopoulos <apoikos@gmail.com>
Reviewed-by: Helga Velroyen <helgav@google.com>
lib/client/gnt_cluster.py
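
The two issues named in the commit message (umask-derived permissions and a predictable, possibly pre-created file name) shown side by side in an added example; this is not the code from this commit or from Ganeti. The function names, the `config-backup` file names and the sample data are assumptions made for the illustration.

```python
import os
import stat
import tarfile
import tempfile


def backup_unsafe(src_dir, backup_dir, name="config-backup.tar.gz"):
    # Weak pattern: predictable name, reuses any existing file, mode 0666 & ~umask.
    path = os.path.join(backup_dir, name)
    with tarfile.open(path, "w:gz") as tar:
        tar.add(src_dir, arcname="config")
    return path


def backup_safe(src_dir, backup_dir, prefix="config-backup-"):
    # mkstemp opens with O_CREAT|O_EXCL and mode 0600: the name is unpredictable,
    # an existing file or symlink is never reused, and the umask cannot relax it.
    fd, path = tempfile.mkstemp(prefix=prefix, suffix=".tar.gz", dir=backup_dir)
    try:
        with os.fdopen(fd, "wb") as fobj:
            with tarfile.open(fileobj=fobj, mode="w:gz") as tar:
                tar.add(src_dir, arcname="config")
            fobj.flush()
            os.fsync(fobj.fileno())
    except BaseException:
        os.unlink(path)  # never leave a partial archive behind
        raise
    return path


def demo():
    # Constructed sample data; returns (unsafe mode, safe mode, safe archive valid).
    old_umask = os.umask(0o022)
    try:
        with tempfile.TemporaryDirectory() as work:
            src = os.path.join(work, "etc")
            out = os.path.join(work, "backups")
            os.mkdir(src)
            os.mkdir(out)
            with open(os.path.join(src, "config.data"), "w") as f:
                f.write("constructed sample secret\n")
            unsafe, safe = backup_unsafe(src, out), backup_safe(src, out)
            modes = [stat.S_IMODE(os.stat(p).st_mode) for p in (unsafe, safe)]
            return modes[0], modes[1], tarfile.is_tarfile(safe)
    finally:
        os.umask(old_umask)


if __name__ == "__main__":
    print(demo())
```

Under a umask of 022 the first archive ends up world-readable (0644) while the second stays at 0600, which is the property an audit of a backup directory should check for.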