core: be more paranoid when mixing umask and fopen()

Let's be extra careful with the umask when we use simple fopen(), as this
creates files with 0777 by default.

diff --git a/src/basic/util.c b/src/basic/util.c
index 8f2317f2852906c81cd21991ffbed22ae3593927..b049a44854ed3000e43c92e54b384a711de6af97 100644 (file)
--- a/src/basic/util.c
+++ b/src/basic/util.c
@@ -55,6 +55,7 @@
 #include "string-util.h"
 #include "strv.h"
 #include "time-util.h"
+#include "umask-util.h"
 #include "user-util.h"
 #include "util.h"
 
@@ -784,7 +785,8 @@ int update_reboot_param_file(const char *param) {
         int r = 0;
 
         if (param) {
-                r = write_string_file(REBOOT_PARAM_FILE, param, WRITE_STRING_FILE_CREATE);
+                RUN_WITH_UMASK(0022)
+                        r = write_string_file(REBOOT_PARAM_FILE, param, WRITE_STRING_FILE_CREATE);
                 if (r < 0)
                         return log_error_errno(r, "Failed to write reboot param to "REBOOT_PARAM_FILE": %m");
         } else