diff options
author | Scott Moser <smoser@ubuntu.com> | 2010-01-29 13:05:06 -0500 |
---|---|---|
committer | Scott Moser <smoser@ubuntu.com> | 2010-01-29 13:05:06 -0500 |
commit | fddec92b8ea39515ff19be1117fcacb32944ab72 (patch) | |
tree | 6fd20b4981c37f3d61d23725b23603712fe61157 /ec2init/__init__.py | |
parent | 511448c7afdcb5aaeb69a26e570fd600df512610 (diff) | |
download | vyos-cloud-init-fddec92b8ea39515ff19be1117fcacb32944ab72.tar.gz vyos-cloud-init-fddec92b8ea39515ff19be1117fcacb32944ab72.zip |
tighten permissions on cloud-config and user-data to protect it
Diffstat (limited to 'ec2init/__init__.py')
-rw-r--r-- | ec2init/__init__.py | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/ec2init/__init__.py b/ec2init/__init__.py index 918b9280..76aa34f0 100644 --- a/ec2init/__init__.py +++ b/ec2init/__init__.py @@ -147,8 +147,8 @@ class EC2Init: self.store_userdata() def store_userdata(self): - util.write_file(userdata_raw, self.datasource.get_userdata_raw(), 0644) - util.write_file(userdata, self.datasource.get_userdata(), 0644) + util.write_file(userdata_raw, self.datasource.get_userdata_raw(), 0600) + util.write_file(userdata, self.datasource.get_userdata(), 0600) def initctl_emit(self): subprocess.Popen(['initctl', 'emit', 'cloud-config', @@ -283,9 +283,7 @@ class EC2Init: self.cloud_config_str="" return if ctype == "__end__": - f=open(cloud_config, "wb") - f.write(self.cloud_config_str) - f.close() + util.write_file(cloud_config, self.cloud_config_str, 0600) ## this could merge the cloud config with the system config ## for now, not doing this as it seems somewhat circular |