The umask used for mkstemp should be secure, but umask 0600 has been
the required umask only since POSIX.1-2008. In glibc 2.06 and earlier
the default was 0666, which is not secure. And no explicit knowledge
of how well non-glibc platforms implement mkstemp. Better err on the
side security, so set the umask temporarily to 0600, and then restore it.
const char * const err = "Failed to create a fake bit bucket";
if (strEQ(scriptname, BIT_BUCKET)) {
#ifdef HAS_MKSTEMP /* Hopefully mkstemp() is safe here. */
+ int old_umask = umask(0600);
int tmpfd = mkstemp(tmpname);
+ umask(old_umask);
if (tmpfd > -1) {
scriptname = tmpname;
close(tmpfd);
char tempname[] = "/tmp/PerlIO_XXXXXX";
const char * const tmpdir = TAINTING_get ? NULL : PerlEnv_getenv("TMPDIR");
SV * sv = NULL;
+ int old_umask = umask(0600);
/*
* I have no idea how portable mkstemp() is ... NI-S
*/
sv_catpv(sv, tempname + 4);
fd = mkstemp(SvPVX(sv));
}
+ umask(old_umask);
if (fd >= 0) {
f = PerlIO_fdopen(fd, "w+");
if (f)