Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix for Coverity perl5 CID 29068: Insecure temporary file (SECURE_TEM…
…P) secure_temp: Calling mkstemp() without securely setting umask first. The umask used for mkstemp should be secure, but umask 0600 has been the required umask only since POSIX.1-2008. In glibc 2.06 and earlier the default was 0666, which is not secure. And no explicit knowledge of how well non-glibc platforms implement mkstemp. Better err on the side security, so set the umask temporarily to 0600, and then restore it.
- Loading branch information