diff --git a/anaconda.spec b/anaconda.spec
index 35bebfc..56911ff 100644
--- a/anaconda.spec
+++ b/anaconda.spec
@@ -1,7 +1,7 @@
 %define _empty_manifest_terminate_build 0
 Name:    anaconda
 Version: 33.19
-Release: 42
+Release: 43
 Summary: Graphical system installer
 License: GPLv2+ and MIT
 URL:     http://fedoraproject.org/wiki/Anaconda
@@ -121,8 +121,9 @@ Patch9028:    Change-sidebar-background-size.patch
 Patch6078:    bugfix-Cancel-planned-manual-update-of-system-time-on-turni.patch
 Patch9029:    support-use-sm3-crypt-user-password.patch
 Patch6079:    backport-remove-authconfig-support.patch
-Patch6080:    bugfix-change-the-startup-mode-of-do_transaction-sub-proces.patch
-Patch6081:    Support-configuration-of-additional-boot-arguments.patch
+Patch6080:    backport-change-the-grub2-user-cfg-permission-from-0700-to-0600.patch
+Patch6081:    bugfix-change-the-startup-mode-of-do_transaction-sub-proces.patch
+Patch6082:    Support-configuration-of-additional-boot-arguments.patch
 
 %define dbusver 1.2.3
 %define dnfver 3.6.0
@@ -362,6 +363,12 @@ update-desktop-database &> /dev/null || :
 %{_prefix}/libexec/anaconda/dd_*
 
 %changelog
+* Fri Apr 8 2022 zhangqiumiao <zhangqiumiao1@huawei.com> - 33.19-43
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:change the grub2 user.cfg permission from 0700 to 0600
+
 * Thu Apr 7 2022 zhangqiumiao <zhangqiumiao1@huawei.com> - 33.19-42
 - Type:bugfix
 - CVE:NA
diff --git a/backport-change-the-grub2-user-cfg-permission-from-0700-to-0600.patch b/backport-change-the-grub2-user-cfg-permission-from-0700-to-0600.patch
new file mode 100644
index 0000000..2fa3d73
--- /dev/null
+++ b/backport-change-the-grub2-user-cfg-permission-from-0700-to-0600.patch
@@ -0,0 +1,22 @@
+From 7db645b89c3c68fbd116dbb8c6e6c1b4ab8eeb07 Mon Sep 17 00:00:00 2001
+From: bitcoffee <854182924@qq.com>
+Date: Tue, 2 Mar 2021 16:11:35 +0800
+Subject: [PATCH] change the grub2 user.cfg permission from 0600 to 0700
+
+---
+ pyanaconda/modules/storage/bootloader/grub2.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/pyanaconda/modules/storage/bootloader/grub2.py b/pyanaconda/modules/storage/bootloader/grub2.py
+index add7dc97086..44b08e4dec9 100644
+--- a/pyanaconda/modules/storage/bootloader/grub2.py
++++ b/pyanaconda/modules/storage/bootloader/grub2.py
+@@ -310,7 +310,7 @@ def write_password_config(self):
+             return
+ 
+         users_file = "%s%s/%s" % (conf.target.system_root, self.config_dir, self._passwd_file)
+-        header = util.open_with_perm(users_file, "w", 0o700)
++        header = util.open_with_perm(users_file, "w", 0o600)
+         # XXX FIXME: document somewhere that the username is "root"
+         self._encrypt_password()
+         password_line = "GRUB2_PASSWORD=" + self.encrypted_password