From 8765eb88facacf570acabc9ea3f2bdd5d495f33d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= <markus.makela@mariadb.com>
Date: Mon, 2 Aug 2021 09:11:45 +0300
Subject: [PATCH] MXS-3415: Export config with correct permissions

The created file is now created with the correct permissions: read and
write permissions for the user and group.
---
 server/core/config.cc | 43 +++++++++++++++++++++++++------------------
 1 file changed, 25 insertions(+), 18 deletions(-)

diff --git a/server/core/config.cc b/server/core/config.cc
index 7ead4930b..497bbbe4c 100644
--- a/server/core/config.cc
+++ b/server/core/config.cc
@@ -1368,32 +1368,39 @@ bool export_config_file(const char* filename)
         contexts.push_back(ctx);
     }
 
-    std::ofstream file(filename);
+    std::ostringstream ss;
+    ss << "# Generated by MaxScale " << MAXSCALE_VERSION << '\n';
+    ss << "# Documentation: https://mariadb.com/kb/en/mariadb-enterprise/maxscale/ \n\n";
 
-    if (file)
+    for (CONFIG_CONTEXT* ctx : contexts)
     {
-        time_t now = time(NULL);
-        file << "# Generated by MaxScale " << MAXSCALE_VERSION << '\n';
-        file << "# Documentation: https://mariadb.com/kb/en/mariadb-enterprise/maxscale/ \n\n";
-
-        for (auto it = contexts.rbegin(); it != contexts.rend(); it++)
+        ss << '[' << ctx->m_name << "]\n";
+        for (const auto& elem : ctx->m_parameters)
         {
-            CONFIG_CONTEXT* ctx = *it;
-
-            file << '[' << ctx->m_name << "]\n";
-            for (const auto& elem : ctx->m_parameters)
-            {
-                file << elem.first << '=' << elem.second << '\n';
-            }
-            file << '\n';
+            ss << elem.first << '=' << elem.second << '\n';
         }
+        ss << '\n';
+    }
+
+    int fd = open(filename, O_CREAT | O_EXCL | O_WRONLY, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
+
+    if (fd != -1)
+    {
+        std::string payload = ss.str();
+
+        if (write(fd, payload.c_str(), payload.size()) == -1)
+        {
+            MXS_ERROR("Failed to write to file '%s': %d, %s",
+                      filename, errno, mxs_strerror(errno));
+            rval = false;
+        }
+
+        close(fd);
     }
     else
     {
         MXS_ERROR("Failed to open configuration export file '%s': %d, %s",
-                  filename,
-                  errno,
-                  mxs_strerror(errno));
+                  filename, errno, mxs_strerror(errno));
         rval = false;
     }