Summary:
We have observed rocksdb databases creating info log files with world-writeable permissions.
The reason why the file is created like so is because stdio streams opened with fopen calls use mode 0666, and while normally most systems have a umask of 022, in some occasions (for instance, while running daemons), you may find that the application is running with a less restrictive umask. The result is that when opening the DB, the LOG file would be created with world-writeable perms:
```
$ ls -lh db/
total 6.4M
-rw-r--r-- 1 ibarba users 115 Mar 24 17:41 000004.log
-rw-r--r-- 1 ibarba users 16 Mar 24 17:41 CURRENT
-rw-r--r-- 1 ibarba users 37 Mar 24 17:41 IDENTITY
-rw-r--r-- 1 ibarba users 0 Mar 24 17:41 LOCK
-rw-rw-r-- 1 ibarba users 114K Mar 24 17:41 LOG
-rw-r--r-- 1 ibarba users 514 Mar 24 17:41 MANIFEST-000003
-rw-r--r-- 1 ibarba users 31K Mar 24 17:41 OPTIONS-000018
-rw-r--r-- 1 ibarba users 31K Mar 24 17:41 OPTIONS-000020
```
This diff replaces the fopen call with a regular open() call restricting mode, and then using fdopen to associate an stdio stream with that file descriptor. Resulting in the following files being created:
```
-rw-r--r-- 1 ibarba users 58 Mar 24 18:16 000004.log
-rw-r--r-- 1 ibarba users 16 Mar 24 18:16 CURRENT
-rw-r--r-- 1 ibarba users 37 Mar 24 18:16 IDENTITY
-rw-r--r-- 1 ibarba users 0 Mar 24 18:16 LOCK
-rw-r--r-- 1 ibarba users 111K Mar 24 18:16 LOG
-rw-r--r-- 1 ibarba users 514 Mar 24 18:16 MANIFEST-000003
-rw-r--r-- 1 ibarba users 31K Mar 24 18:16 OPTIONS-000018
-rw-r--r-- 1 ibarba users 31K Mar 24 18:16 OPTIONS-000020
```
With the correct permissions
Pull Request resolved: https://github.com/facebook/rocksdb/pull/8106
Reviewed By: akankshamahajan15
Differential Revision: D27415377
Pulled By: mrambacher
fbshipit-source-id: 97ac6c215700a7ea306f4a1fdf9fcf64a3cbb202
04191e1c5d