diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2011-12-16 11:13:55 -0500 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-12-19 11:38:35 -0500 |
commit | 69420a154fc9fb8b04f437125a6a0604b26b1292 (patch) | |
tree | 4b8e118a394baa2cc0ceeaeadbd04d12db973ef7 /src/providers/krb5/krb5_child.c | |
parent | 05113318e280904f2a1ce3721b8d6504afd7e7df (diff) | |
download | sssd-69420a154fc9fb8b04f437125a6a0604b26b1292.tar.gz sssd-69420a154fc9fb8b04f437125a6a0604b26b1292.tar.xz sssd-69420a154fc9fb8b04f437125a6a0604b26b1292.zip |
Securely set umask when using mkstemp
Coverity 12394, 12395, 12396, 12397 and 12398
Diffstat (limited to 'src/providers/krb5/krb5_child.c')
-rw-r--r-- | src/providers/krb5/krb5_child.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c index 01690cf4a..297e3a763 100644 --- a/src/providers/krb5/krb5_child.c +++ b/src/providers/krb5/krb5_child.c @@ -230,6 +230,7 @@ static krb5_error_code create_ccache_file(krb5_context ctx, char *tmp_ccname; krb5_creds *l_cred; TALLOC_CTX *tmp_ctx = NULL; + mode_t old_umask; if (strncmp(ccname, "FILE:", 5) == 0) { cc_file_name = ccname + 5; @@ -258,7 +259,9 @@ static krb5_error_code create_ccache_file(krb5_context ctx, } tmp_ccname = talloc_asprintf_append(tmp_ccname, "/.krb5cc_dummy_XXXXXX"); + old_umask = umask(077); fd = mkstemp(tmp_ccname); + umask(old_umask); if (fd == -1) { DEBUG(1, ("mkstemp failed [%d][%s].\n", errno, strerror(errno))); kerr = errno; |