summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorChong Cai <chongc@google.com>2020-09-17 16:27:01 -0700
committergVisor bot <gvisor-bot@google.com>2020-09-17 16:28:43 -0700
commitf1f844daabdacf46f6237ddf0a90c370dbe2348a (patch)
tree22795c0ae9fcef0385f0e052947e67f2bfbd1df1
parent319d1b8ba0604e7bc029f98ae0e9b09badd5abad (diff)
Set mode when creating Merkle tree file
PiperOrigin-RevId: 332340342
-rw-r--r--pkg/sentry/fsimpl/verity/filesystem.go1
1 files changed, 1 insertions, 0 deletions
diff --git a/pkg/sentry/fsimpl/verity/filesystem.go b/pkg/sentry/fsimpl/verity/filesystem.go
index f86a6a0b2..d00340802 100644
--- a/pkg/sentry/fsimpl/verity/filesystem.go
+++ b/pkg/sentry/fsimpl/verity/filesystem.go
@@ -372,6 +372,7 @@ func (fs *filesystem) lookupAndVerifyLocked(ctx context.Context, parent *dentry,
Path: fspath.Parse(childMerkleFilename),
}, &vfs.OpenOptions{
Flags: linux.O_RDWR | linux.O_CREAT,
+ Mode: 0644,
})
if err != nil {
return nil, err