Skip to content

Commit ae14ca9

Browse files
k8s-ci-robotk8s-ci-robot
authored
Merge pull request kubernetes#129214 from tallclair/kubelet-state-perms
Change default filestore permissions to 0700
2 parents 13eb074 + b2c8406 commit ae14ca9

File tree

1 file changed

+5
-2
lines changed

1 file changed

+5
-2
lines changed

pkg/kubelet/util/store/filestore.go

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,9 @@ import (
2828
const (
2929
// Name prefix for the temporary files.
3030
tmpPrefix = "."
31+
32+
// The default permission bits to set on the filestore directory.
33+
directoryPerm = 0700
3134
)
3235

3336
// FileStore is an implementation of the Store interface which stores data in files.
@@ -41,7 +44,7 @@ type FileStore struct {
4144

4245
// NewFileStore returns an instance of FileStore.
4346
func NewFileStore(path string, fs utilfs.Filesystem) (Store, error) {
44-
if err := fs.MkdirAll(path, 0755); err != nil {
47+
if err := fs.MkdirAll(path, directoryPerm); err != nil {
4548
return nil, err
4649
}
4750
return &FileStore{directoryPath: path, filesystem: fs}, nil
@@ -52,7 +55,7 @@ func (f *FileStore) Write(key string, data []byte) error {
5255
if err := ValidateKey(key); err != nil {
5356
return err
5457
}
55-
if err := f.filesystem.MkdirAll(f.directoryPath, 0755); err != nil {
58+
if err := f.filesystem.MkdirAll(f.directoryPath, directoryPerm); err != nil {
5659
return err
5760
}
5861

0 commit comments

Comments
 (0)