tmpfile weakness #26
Creating and using insecure temporary files.
Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library.
newpf_fd = mkstemp (opasswd_tmp);