From dfbf5910b922adde5af9c5a20318e71ee1d816cb Mon Sep 17 00:00:00 2001
From: Axel Beckert <abe@deuxchevaux.org>
Date: Tue, 26 Jan 2010 01:57:40 +0100
Subject: [PATCH] Set umask to 0077 before creating disk images

---
 bin/xen-create-image | 8 ++++++++
 debian/changelog     | 3 ++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/bin/xen-create-image b/bin/xen-create-image
index d7c2d1e..f85899e 100755
--- a/bin/xen-create-image
+++ b/bin/xen-create-image
@@ -2573,9 +2573,17 @@ sub createLoopbackImages
             $image_cmd = "dd if=/dev/zero of=$disk bs=$size count=1024";
         }
 
+        # Set the umask so that the images are not world readable.
+        my $oldumask = umask;
+        umask(0077);
+
+	# run the image creation command
         runCommand($image_cmd);
         logprint("Done\n");
 
+        # Reset the umask to the previous value
+        umask($oldumask);
+
         if ( !-e $disk )
         {
             logprint("The partition image creation failed to create $disk.\n");
diff --git a/debian/changelog b/debian/changelog
index 78331de..c04587f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,7 +5,8 @@ xen-tools (4.1-2) UNRELEASED; urgency=low
   * Removal of /etc/bash_completion.d/xm from the package since
     bash-completion ships a more elaborate version of that file. (Closes:
     #566683, #550590)
-
+  * Set umask to 0077 before creating disk images (Closes: #548909)
+  
  --
 
 xen-tools (4.1-1) unstable; urgency=low