CreateAuth() opens a file and then, if the opening was successful, its permissions are changed with chmod.
However, an attacker might change the target of the file name between the initial opening and the permissions change, potentially changing the permissions of a different file.
This can be avoided by using fchmod with the file descriptor that was received from opening the file. This ensures that the permissions change is applied to the very same file that was opened.
Also, we need to close the file if open() succeeds but fchmod() fails.
CreateAuth() opens a file and then, if the opening was successful, its permissions are changed with chmod. However, an attacker might change the target of the file name between the initial opening and the permissions change, potentially changing the permissions of a different file.
This can be avoided by using fchmod with the file descriptor that was received from opening the file. This ensures that the permissions change is applied to the very same file that was opened.
Also, we need to close the file if open() succeeds but fchmod() fails.
Reference: CWE-367