From 90cbfc96d118d6b55c47392d8ae421434dea8225 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Mon, 25 Feb 2013 17:34:21 +0100 Subject: Make sure to set umask() before calling mkstemp(). Reviewed-by: David Disseldorp Autobuild-User(master): David Disseldorp Autobuild-Date(master): Wed Mar 6 01:16:34 CET 2013 on sn-devel-104 --- source3/libnet/libnet_samsync_ldif.c | 30 ++++++++++++++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) (limited to 'source3/libnet') diff --git a/source3/libnet/libnet_samsync_ldif.c b/source3/libnet/libnet_samsync_ldif.c index c492b9fda5..2ea9c82328 100644 --- a/source3/libnet/libnet_samsync_ldif.c +++ b/source3/libnet/libnet_samsync_ldif.c @@ -24,6 +24,7 @@ */ #include "includes.h" +#include "system/filesys.h" #include "libnet/libnet_samsync.h" #include "transfer_file.h" #include "passdb.h" @@ -929,6 +930,8 @@ static NTSTATUS ldif_init_context(TALLOC_CTX *mem_ctx, const char *add_template = "/tmp/add.ldif.XXXXXX"; const char *mod_template = "/tmp/mod.ldif.XXXXXX"; const char *builtin_sid = "S-1-5-32"; + mode_t mask; + int fd; r = talloc_zero(mem_ctx, struct samsync_ldif_context); NT_STATUS_HAVE_NO_MEMORY(r); @@ -980,14 +983,37 @@ static NTSTATUS ldif_init_context(TALLOC_CTX *mem_ctx, goto done; } + mask = umask(S_IRWXO | S_IRWXG); + fd = mkstemp(r->add_name); + umask(mask); + if (fd < 0) { + DEBUG(1, ("Could not create %s\n", r->add_name)); + status = NT_STATUS_UNSUCCESSFUL; + goto done; + } + /* Open the add and mod ldif files */ - if (!(r->add_file = fdopen(mkstemp(r->add_name),"w"))) { + r->add_file = fdopen(fd, "w"); + if (r->add_file == NULL) { DEBUG(1, ("Could not open %s\n", r->add_name)); + close(fd); status = NT_STATUS_UNSUCCESSFUL; goto done; } - if (!(r->mod_file = fdopen(mkstemp(r->module_name),"w"))) { + + mask = umask(S_IRWXO | S_IRWXG); + fd = mkstemp(r->module_name); + umask(mask); + if (fd < 0) { + DEBUG(1, ("Could not create %s\n", r->module_name)); + status = NT_STATUS_UNSUCCESSFUL; + goto done; + } + + r->mod_file = fdopen(fd, "w"); + if (r->mod_file == NULL) { DEBUG(1, ("Could not open %s\n", r->module_name)); + close(fd); status = NT_STATUS_UNSUCCESSFUL; goto done; } -- cgit