tools: init scripts: make XEN_RUN_DIR and XEN_LOCK_DIR mode 700

These directories ought not to be even world-readable.  If this script
for some reason runs with a lax umask they might be created
overly-writeable.  Avoid any such bug by setting the mode explicitly.

Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Acked-by: Wei Liu <wei.liu2@citrix.com>
Release-acked-by: Juergen Gross <jgross@suse.com>

diff --git a/tools/hotplug/Linux/init.d/xencommons.in b/tools/hotplug/Linux/init.d/xencommons.in
index aa62e4c92f742554efb16d2acfe5912af11c581e..7fd6903b9868e27f855ba797a2529e6e2171d089 100644 (file)
--- a/tools/hotplug/Linux/init.d/xencommons.in
+++ b/tools/hotplug/Linux/init.d/xencommons.in
@@ -56,8 +56,8 @@ do_start () {
 
        for mod in $BACKEND_MODULES ; do modprobe "$mod" &>/dev/null ; done
 
-       mkdir -p ${XEN_RUN_DIR}
-       mkdir -p ${XEN_LOCK_DIR}
+       mkdir -m700 -p ${XEN_RUN_DIR}
+       mkdir -m700 -p ${XEN_LOCK_DIR}
        mkdir -p ${XEN_LOG_DIR}
 
        @XEN_SCRIPT_DIR@/launch-xenstore || exit 1