root privileges are not dropped before writing configuration file.
vulners.com/securityvulns/securityvulns:doc:8628