summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2004-04-29 07:21:25 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:51:21 -0500
commitb8f32d608fb68bd3339daba8fe93724f8f70a8ab (patch)
tree5555d1ea8c2386433e9b684e15d8e2a73b7f194a
parentce55cf1b825ce1d76310aff6829eafc8defe53ad (diff)
downloadsamba-b8f32d608fb68bd3339daba8fe93724f8f70a8ab.tar.gz
samba-b8f32d608fb68bd3339daba8fe93724f8f70a8ab.tar.bz2
samba-b8f32d608fb68bd3339daba8fe93724f8f70a8ab.zip
r397: BUG 1199: check logfile before writing debug output
(This used to be commit 52df0905cdb68c0b83f64ccca39d377254e371cc)
-rwxr-xr-xexamples/printing/smbprint30
1 files changed, 28 insertions, 2 deletions
diff --git a/examples/printing/smbprint b/examples/printing/smbprint
index 61ee41f444..e2bbdc2f16 100755
--- a/examples/printing/smbprint
+++ b/examples/printing/smbprint
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
# This script is an input filter for printcap printing on a unix machine. It
# uses the smbclient program to print the file to the specified smb-based
@@ -102,7 +102,33 @@ if [ $TRANS -eq 1 ]; then
command="translate;$command";
fi
-debugfile="/tmp/smb-print.log"
+##
+## Some security checks on the logfile if we are using it
+##
+## make the directory containing the logfile is necessary
+## and set the permissions to be rwx for owner only
+##
+
+debugfile="/tmp/smb-print/logfile"
+logdir=`dirname $debugfile`
+if [ ! -d $logdir ]; then
+ mkdir -m 0700 $logdir
+fi
+
+##
+## check ownership. If I don't own it refuse to
+## create the logfile
+##
+if [ ! -O $logdir ]; then
+ echo "user running script does not own $logdir. Ignoring any debug options."
+ debug=""
+fi
+
+##
+## We should be safe at this point to create the log file
+## without fear of a symlink attack -- move on to more script work.
+##
+
if [ "x$debug" = "x" ] ; then
debugfile=/dev/null debugargs=
else