Gitweb: http://git.fedorahosted.org/git/?p=cluster.git;a=commitdiff;h=a40dd4574da... Commit: a40dd4574da7881ff980498f834f27aded844454 Parent: 1177eedd0f1681cf3e6cc0271bcb8d65c7f75b52 Author: Andrew Price <anprice(a)redhat.com&gt; AuthorDate: Fri Aug 16 10:37:40 2013 +0100 Committer: Andrew Price <anprice(a)redhat.com&gt; CommitterDate: Thu Aug 29 11:21:07 2013 +0100 libgfs2: Set umask before calling mkstemp Coverity highlighted a case where mkstemp() was being called without the umask being set. This sets the umask to create the file with 0600 permissions and then restores it after mkstemp() is called. rhbz#1001504 Signed-off-by: Andrew Price <anprice(a)redhat.com&gt; --- gfs2/libgfs2/misc.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/gfs2/libgfs2/misc.c b/gfs2/libgfs2/misc.c index 6807f60..3989bf1 100644 --- a/gfs2/libgfs2/misc.c +++ b/gfs2/libgfs2/misc.c @@ -219,13 +219,16 @@ static void remove_mtab_entry(struct gfs2_sbd *sdp) struct mntent *mountent; char mtab_tmpfn[PATH_MAX]; int error, fd; + mode_t mask; mtab = setmntent("/etc/mtab", "rt"); if (mtab == NULL) die("Couldn't open /etc/mtab for writing: %s\n", strerror(errno)); strcpy(mtab_tmpfn, "/etc/mtab.XXXXXX"); + mask = umask(S_IXUSR | S_IRWXG | S_IRWXO); fd = mkstemp(mtab_tmpfn); + umask(mask); if (fd < 0) die("Couldn't open temporary mtab file for writing: %s\n", strerror(errno));