CVE-2013-4476: samba-tool provision: create ${private_dir}/tls with mode 0700

author Björn Baumbach <bb@sernet.de>

Tue, 29 Oct 2013 16:49:55 +0000 (17:49 +0100)

committer Karolin Seeger <kseeger@samba.org>

Mon, 11 Nov 2013 10:14:36 +0000 (11:14 +0100)
author Björn Baumbach <bb@sernet.de>
Tue, 29 Oct 2013 16:49:55 +0000 (17:49 +0100)
committer Karolin Seeger <kseeger@samba.org>
Mon, 11 Nov 2013 10:14:36 +0000 (11:14 +0100)
diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py

index d8f353f54ae67dc5bb2c30d7f5256318d9e0f80b..4920735b247bf70ea0c6c0be5c50cad9c1acce4f 100644 (file)
--- a/python/samba/provision/__init__.py
+++ b/python/samba/provision/__init__.py
@@ -2025,7 +2025,7 @@ def provision(logger, session_info, smbconf=None,
      if not os.path.exists(paths.private_dir):
          os.mkdir(paths.private_dir)
      if not os.path.exists(os.path.join(paths.private_dir, "tls")):
-        os.mkdir(os.path.join(paths.private_dir, "tls"))
+        os.makedirs(os.path.join(paths.private_dir, "tls"), 0700)
      if not os.path.exists(paths.state_dir):
          os.mkdir(paths.state_dir)
author	Björn Baumbach <bb@sernet.de>
	Tue, 29 Oct 2013 16:49:55 +0000 (17:49 +0100)
committer	Karolin Seeger <kseeger@samba.org>
	Mon, 11 Nov 2013 10:14:36 +0000 (11:14 +0100)