diff options
author | Jeremy Allison <jra@samba.org> | 2000-03-11 01:02:45 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2000-03-11 01:02:45 +0000 |
commit | 7b97d056a1deae9e885765153f596e8e30e334b1 (patch) | |
tree | d7b2af859e8ce7d333b971fe6938092efe1daf1b /source3/rpc_server/srv_spoolss_nt.c | |
parent | d50abdee22f1573890e16bd4f2a70fe2b20b53fe (diff) | |
download | samba-7b97d056a1deae9e885765153f596e8e30e334b1.tar.gz samba-7b97d056a1deae9e885765153f596e8e30e334b1.tar.bz2 samba-7b97d056a1deae9e885765153f596e8e30e334b1.zip |
You *must* use O_EXCL when using mktemp (security issue).
Glad this code never shipped :-).
This is not a problem in 2.0.x.
Jeremy.
(This used to be commit a0c302f4d03ab07d697115fa8520d0cb0b2ba616)
Diffstat (limited to 'source3/rpc_server/srv_spoolss_nt.c')
-rw-r--r-- | source3/rpc_server/srv_spoolss_nt.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index b4aefe44c1..ef0b7fad9b 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -2596,7 +2596,7 @@ uint32 _spoolss_startdocprinter( const POLICY_HND *handle, uint32 level, slprintf(tempname,sizeof(tempname)-1, "%s/smb_print.XXXXXX",lp_pathname(snum)); pstrcpy(fname, (char *)mktemp(tempname)); - fd=open(fname, O_WRONLY|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR ); + fd=open(fname, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL, S_IRUSR|S_IWUSR ); DEBUG(4,("Temp spool file created: [%s]\n", fname)); Printer->current_jobid=fd; |