Merge pull request #2203 from jenkinsci/jtnord-patch-1

[FIX JENKINS-33978] Set file permissions on the file before writing the secret

core/src/main/java/jenkins/install/SetupWizard.java

@@ -79,8 +79,10 @@ public class SetupWizard {
                 // JENKINS-33599 - write to a file in the jenkins home directory
                 // most native packages of Jenkins creates a machine user account 'jenkins' to run Jenkins,
                 // and use group 'jenkins' for admins. So we allo groups to read this file
-                iapf.write(randomUUID + System.lineSeparator(), "UTF-8");
+                iapf.touch(System.currentTimeMillis());
                 iapf.chmod(0640);
+                iapf.write(randomUUID + System.lineSeparator(), "UTF-8");
+                
 
                 // Lock Jenkins down:
                 FullControlOnceLoggedInAuthorizationStrategy authStrategy = new FullControlOnceLoggedInAuthorizationStrategy();