From b8f32d608fb68bd3339daba8fe93724f8f70a8ab Mon Sep 17 00:00:00 2001
From: Gerald Carter <jerry@samba.org>
Date: Thu, 29 Apr 2004 07:21:25 +0000
Subject: r397: BUG 1199: check logfile before writing debug output (This used
 to be commit 52df0905cdb68c0b83f64ccca39d377254e371cc)

---
 examples/printing/smbprint | 30 ++++++++++++++++++++++++++++--
 1 file changed, 28 insertions(+), 2 deletions(-)

(limited to 'examples')

diff --git a/examples/printing/smbprint b/examples/printing/smbprint
index 61ee41f444..e2bbdc2f16 100755
--- a/examples/printing/smbprint
+++ b/examples/printing/smbprint
@@ -1,4 +1,4 @@
-#!/bin/sh 
+#!/bin/bash
 
 # This script is an input filter for printcap printing on a unix machine. It
 # uses the smbclient program to print the file to the specified smb-based 
@@ -102,7 +102,33 @@ if [ $TRANS -eq 1 ]; then
 	command="translate;$command";
 fi
 
-debugfile="/tmp/smb-print.log"
+##
+## Some security checks on the logfile if we are using it
+##
+## make the directory containing the logfile is necessary 
+## and set the permissions to be rwx for owner only
+##
+
+debugfile="/tmp/smb-print/logfile"
+logdir=`dirname $debugfile`
+if [ ! -d $logdir ]; then 
+	mkdir -m 0700 $logdir
+fi
+
+##
+## check ownership.  If I don't own it refuse to 
+## create the logfile
+##
+if [ ! -O $logdir ]; then
+	echo "user running script does not own $logdir. Ignoring any debug options."
+	debug=""
+fi
+
+##
+## We should be safe at this point to create the log file
+## without fear of a symlink attack -- move on to more script work.
+##
+
 if [ "x$debug" = "x" ] ; then 
 		debugfile=/dev/null debugargs=
 else
-- 
cgit