From 90cbfc96d118d6b55c47392d8ae421434dea8225 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Mon, 25 Feb 2013 17:34:21 +0100 Subject: Make sure to set umask() before calling mkstemp(). Reviewed-by: David Disseldorp Autobuild-User(master): David Disseldorp Autobuild-Date(master): Wed Mar 6 01:16:34 CET 2013 on sn-devel-104 --- source3/printing/printing.c | 3 +++ source3/printing/printspoolss.c | 4 ++++ 2 files changed, 7 insertions(+) (limited to 'source3/printing') diff --git a/source3/printing/printing.c b/source3/printing/printing.c index c394118303..43f75e5c43 100644 --- a/source3/printing/printing.c +++ b/source3/printing/printing.c @@ -2709,6 +2709,7 @@ static WERROR print_job_spool_file(int snum, uint32_t jobid, SMB_STRUCT_STAT st; const char *path; int len; + mode_t mask; /* if this file is within the printer path, it means that smbd * is spooling it and will pass us control when it is finished. @@ -2746,7 +2747,9 @@ static WERROR print_job_spool_file(int snum, uint32_t jobid, slprintf(pjob->filename, sizeof(pjob->filename)-1, "%s/%sXXXXXX", lp_pathname(talloc_tos(), snum), PRINT_SPOOL_PREFIX); + mask = umask(S_IRWXO | S_IRWXG); pjob->fd = mkstemp(pjob->filename); + umask(mask); if (pjob->fd == -1) { werr = map_werror_from_unix(errno); diff --git a/source3/printing/printspoolss.c b/source3/printing/printspoolss.c index acf4c0d19a..5fab7d54ef 100644 --- a/source3/printing/printspoolss.c +++ b/source3/printing/printspoolss.c @@ -18,6 +18,7 @@ */ #include "includes.h" +#include "system/filesys.h" #include "printing.h" #include "rpc_client/rpc_client.h" #include "../librpc/gen_ndr/ndr_spoolss_c.h" @@ -68,6 +69,7 @@ NTSTATUS print_spool_open(files_struct *fsp, struct spoolss_DocumentInfo1 *info1; int fd = -1; WERROR werr; + mode_t mask; tmp_ctx = talloc_new(fsp); if (!tmp_ctx) { @@ -127,7 +129,9 @@ NTSTATUS print_spool_open(files_struct *fsp, goto done; } errno = 0; + mask = umask(S_IRWXO | S_IRWXG); fd = mkstemp(pf->filename); + umask(mask); if (fd == -1) { if (errno == EACCES) { /* Common setup error, force a report. */ -- cgit