diff options
| author | Sakshi <sabansal@redhat.com> | 2015-04-15 15:30:51 +0530 |
|---|---|---|
| committer | Jeff Darcy <jdarcy@redhat.com> | 2016-04-15 07:25:10 -0700 |
| commit | 96a246a8944cfd9154a75e7dc66fc9aacc39dbf3 (patch) | |
| tree | 512b4a64c53b9e2d6f9dcb885fbb5dbb11642f02 /xlators | |
| parent | 435e25d510ed74dd9b59b22dcb062daca088327f (diff) | |
glusterd: coverity fix for insecure temporary file
Set umask before creating temporary file
Backport of http://review.gluster.org/9558
> Change-Id: Ia39af63b05ce68f3f3af6585b70d4129a5530269
> BUG: 789278
> Signed-off-by: Sakshi <sabansal@redhat.com>
> Reviewed-on: http://review.gluster.org/9558
> Smoke: Gluster Build System <jenkins@build.gluster.com>
> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
> CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
> Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
Change-Id: Ia39af63b05ce68f3f3af6585b70d4129a5530269
BUG: 1215026
Signed-off-by: Sakshi <sabansal@redhat.com>
Reviewed-on: http://review.gluster.org/13984
Smoke: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
Diffstat (limited to 'xlators')
| -rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-mountbroker.c | 3 | ||||
| -rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-utils.c | 3 |
2 files changed, 6 insertions, 0 deletions
diff --git a/xlators/mgmt/glusterd/src/glusterd-mountbroker.c b/xlators/mgmt/glusterd/src/glusterd-mountbroker.c index e837b2fd64d..8e4e10552c5 100644 --- a/xlators/mgmt/glusterd/src/glusterd-mountbroker.c +++ b/xlators/mgmt/glusterd/src/glusterd-mountbroker.c @@ -528,6 +528,7 @@ glusterd_do_mount (char *label, dict_t *argdict, char **path, int *op_errno) runner_t runner = {0,}; int ret = 0; xlator_t *this = THIS; + mode_t orig_umask = 0; priv = this->private; GF_ASSERT (priv); @@ -627,7 +628,9 @@ glusterd_do_mount (char *label, dict_t *argdict, char **path, int *op_errno) *op_errno = ENOMEM; goto out; } + orig_umask = umask(S_IRWXG | S_IRWXO); ret = mkstemp (cookie); + umask(orig_umask); if (ret == -1) { *op_errno = errno; goto out; diff --git a/xlators/mgmt/glusterd/src/glusterd-utils.c b/xlators/mgmt/glusterd/src/glusterd-utils.c index 15c83acbe9c..4d4f22ee7e9 100644 --- a/xlators/mgmt/glusterd/src/glusterd-utils.c +++ b/xlators/mgmt/glusterd/src/glusterd-utils.c @@ -2059,6 +2059,7 @@ glusterd_volume_compute_cksum (glusterd_volinfo_t *volinfo, char *cksum_path, gf_boolean_t unlink_sortfile = _gf_false; glusterd_conf_t *priv = NULL; xlator_t *this = NULL; + mode_t orig_umask = 0; GF_ASSERT (volinfo); this = THIS; @@ -2079,7 +2080,9 @@ glusterd_volume_compute_cksum (glusterd_volinfo_t *volinfo, char *cksum_path, snprintf (sort_filepath, sizeof (sort_filepath), "/tmp/%s.XXXXXX", volinfo->volname); + orig_umask = umask(S_IRWXG | S_IRWXO); sort_fd = mkstemp (sort_filepath); + umask(orig_umask); if (sort_fd < 0) { gf_msg (this->name, GF_LOG_ERROR, errno, GD_MSG_FILE_OP_FAILED, "Could not generate " |