On 29/12/2012 5:19 a.m., Kinkie wrote:
> Hi all,
> the attached patch addresses Coverity issue 740457 ( Using an
> insecure temporary file creation function ).
> The complaint is that umask(2) is not called before creating a
> temporary file in mail_warranty().
>
> --
> /kinkie
This seems to be droppign the small mkstemp optimization makign use of
its FD return result as the already open file.
I think we should be calling umask() before before the whole #if segment
and reset it on each of "return" as well as on successful completion.
Amos
Received on Sat Dec 29 2012 - 00:17:35 MST
This archive was generated by hypermail 2.2.0 : Sat Dec 29 2012 - 12:00:50 MST