4 files changed, 41 insertions, 3 deletions

diff --git a/lib/command.c b/lib/command.c
index 8c60fc4f..43a0bb3f 100644
--- a/lib/command.c
+++ b/lib/command.c
@@ -2552,6 +2552,14 @@ DEFUN (config_write_file,
   
   free (config_file_sav);
   free (config_file_tmp);
+
+  if (chmod (config_file, CONFIGFILE_MASK) != 0)
+    {
+      vty_out (vty, "Can't chmod configuration file %s: %s (%d).%s", 
+	config_file, strerror(errno), errno, VTY_NEWLINE);
+      return CMD_WARNING;      
+    }
+
   vty_out (vty, "Configuration saved to %s%s", config_file,
 	   VTY_NEWLINE);
   return CMD_SUCCESS;
diff --git a/lib/log.c b/lib/log.c
index 88e1dbf0..aedab3c6 100644
--- a/lib/log.c
+++ b/lib/log.c
@@ -365,6 +365,7 @@ int
 zlog_set_file (struct zlog *zl, int flags, char *filename)
 {
   FILE *fp;
+  mode_t oldumask;
 
   /* There is opend file.  */
   zlog_reset_file (zl);
@@ -374,9 +375,14 @@ zlog_set_file (struct zlog *zl, int flags, char *filename)
     zl = zlog_default;
 
   /* Open file. */
+  oldumask = umask (0777 & ~LOGFILE_MASK);
   fp = fopen (filename, "a");
   if (fp == NULL)
-    return 0;
+    {
+      umask(oldumask);
+      return 0;
+    }
+  umask(oldumask);
 
   /* Set flags. */
   zl->filename = strdup (filename);
@@ -421,9 +427,16 @@ zlog_rotate (struct zlog *zl)
 
   if (zl->filename)
     {
+      mode_t oldumask;
+
+      oldumask = umask (0777 & ~LOGFILE_MASK);
       fp = fopen (zl->filename, "a");
       if (fp == NULL)
-	return -1;
+        {
+	  umask(oldumask);
+	  return -1;
+        }	
+      umask(oldumask);
       zl->fp = fp;
     }
 
diff --git a/lib/pid_output.c b/lib/pid_output.c
index 125ca403..2d90afca 100644
--- a/lib/pid_output.c
+++ b/lib/pid_output.c
@@ -32,16 +32,20 @@ pid_output (char *path)
 #ifndef HAVE_FCNTL
   FILE *fp;
   pid_t pid;
+  mask_t oldumask;
 
   pid = getpid();
 
+  oldumask = umask(0777 & ~LOGFILE_MASK);
   fp = fopen (path, "w");
   if (fp != NULL) 
     {
       fprintf (fp, "%d\n", (int) pid);
       fclose (fp);
+      umask(oldumask);
       return -1;
     }
+  umask(oldumask);
   return pid;
 #else
   return pid_output_lock(path);
@@ -57,18 +61,23 @@ pid_output_lock (char *path)
   pid_t pid;
   char buf[16];
   struct flock lock;  
+  mode_t oldumask;
 
   pid = getpid ();
 
-  fd = open (path, O_RDWR | O_CREAT, 0644);
+  oldumask = umask(0777 & ~LOGFILE_MASK);
+  zlog_err( "old umask %d %d", oldumask, 0777 & ~LOGFILE_MASK);
+  fd = open (path, O_RDWR | O_CREAT, LOGFILE_MASK);
       if (fd < 0)
         {
         zlog_err( "Can't creat pid lock file %s (%s), exit", 
                  path, strerror(errno));
+      umask(oldumask);
       exit (-1);
     }
   else
     {
+      umask(oldumask);
       memset (&lock, 0, sizeof(lock));
 
       lock.l_type = F_WRLCK;
diff --git a/lib/vty.c b/lib/vty.c
index edfd99dd..8ba99708 100644
--- a/lib/vty.c
+++ b/lib/vty.c
@@ -2185,6 +2185,14 @@ vty_use_backup_config (char *fullpath)
   close (sav);
   close (tmp);
   
+  if (chmod(fullpath_tmp, CONFIGFILE_MASK) != 0)
+    {
+      free (fullpath_sav);
+      free (fullpath_tmp);
+      unlink (fullpath_tmp);
+      return NULL;
+    }
+  
   if (link (fullpath_tmp, fullpath) == 0)
     ret = fopen (fullpath, "r");