Set secure file permissions for temporary file
From glibc mkstemp man page:
In glibc versions 2.06 and earlier, the file is created with
permissions 0666, that is, read and write for all users. This old
behavior may be a security risk, especially since other UNIX flavors
use 0600, and somebody might overlook this detail when porting
programs. POSIX.1-2008 adds a requirement that the file be created
with mode 0600.
More generally, the POSIX specification of mkstemp() does not say
anything about file modes, so the application should make sure its
file mode creation mask (see umask(2)) is set appropriately before
calling mkstemp() (and mkostemp()).
And:
http://cwe.mitre.org/data/definitions/377.html
projects / platform / upstream / efl.git / commit