Creating a file with insufficient file access permissions may allow unintended access to that file. Although access permissions are heavily dependent on the underlying operating system, many file creation functions provide mechanisms to set (or at least influence) access permissions. When these functions are used to create files, appropriate access permissions should be specified to prevent unintended access.
...
Access permissions for the newly created file should be specified in the call third parameter to open(). Again, the permissions may be influenced by the value of umask().
...