From ea75396037ee97b6a993584bd3d99196d87738e4 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Fri, 15 Jun 2018 12:57:36 +0200
Subject: [PATCH] coverity: #1425850

Insecure temporary file

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
 src/lxc/tools/lxc_copy.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/lxc/tools/lxc_copy.c b/src/lxc/tools/lxc_copy.c
index 58f3b01dd..9c2600acd 100644
--- a/src/lxc/tools/lxc_copy.c
+++ b/src/lxc/tools/lxc_copy.c
@@ -744,6 +744,7 @@ static char *mount_tmpfs(const char *oldname, const char *newname,
 {
 	int ret, fd;
 	size_t len;
+	mode_t msk;
 	char *premount = NULL;
 	FILE *fp = NULL;
 
@@ -773,7 +774,9 @@ static char *mount_tmpfs(const char *oldname, const char *newname,
 	if (ret < 0 || (size_t)ret >= len)
 		goto err_free;
 
+	msk = umask(0022);
 	fd = mkstemp(premount);
+	umask(msk);
 	if (fd < 0)
 		goto err_free;
 
-- 
2.47.2