#1457 Insecure temporary file in IPA subdomain provider
Closed: Fixed None Opened 10 years ago by sgallagh.

We are creating a temporary file for the IPA subdomain mapping file, but we need to securely set the umask to 077 before doing so. The IPA provider runs as root, so it would be an opportunity for a race-condition bug.

Fields changed

coverity: => 13024
owner: somebody => sgallagh
patch: 0 => 1
status: new => assigned

master: 249d3b8

milestone: NEEDS_TRIAGE => SSSD 1.9.0 RC1
resolution: => fixed
status: assigned => closed

Fields changed

rhbz: => 0

Metadata Update from @sgallagh:
- Issue assigned to sgallagh
- Issue set to the milestone: SSSD 1.9.0 beta 7

5 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2499

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.