From: Martin Wilck <mwilck@xxxxxxxx> Coverity SECURE_TEMP (https://scan4.coverity.com/doc/en/cov_checker_ref.html#static_checker_SECURE_TEMP). multipathd sets this umask anyway, but multipath doesn't. Reviewed-by: Benjamin Marzinski <bmarzins@xxxxxxxxxx> Signed-off-by: Martin Wilck <mwilck@xxxxxxxx> --- libmultipath/alias.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libmultipath/alias.c b/libmultipath/alias.c index 6ae512c..87c33af 100644 --- a/libmultipath/alias.c +++ b/libmultipath/alias.c @@ -578,13 +578,17 @@ static int fix_bindings_file(const struct config *conf, int rc; long fd; char tempname[PATH_MAX]; + mode_t old_umask; if (safe_sprintf(tempname, "%s.XXXXXX", conf->bindings_file)) return -1; + /* coverity: SECURE_TEMP */ + old_umask = umask(0077); if ((fd = mkstemp(tempname)) == -1) { condlog(1, "%s: mkstemp: %m", __func__); return -1; } + umask(old_umask); pthread_cleanup_push(close_fd, (void*)fd); rc = write_bindings_file(bindings, fd); pthread_cleanup_pop(1); -- 2.33.1 -- dm-devel mailing list dm-devel@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/dm-devel