You *must* use O_EXCL when using mktemp (security issue).

author Jeremy Allison <jra@samba.org>

Sat, 11 Mar 2000 01:02:45 +0000 (01:02 +0000)

committer Jeremy Allison <jra@samba.org>

Sat, 11 Mar 2000 01:02:45 +0000 (01:02 +0000)
author Jeremy Allison <jra@samba.org>
Sat, 11 Mar 2000 01:02:45 +0000 (01:02 +0000)
committer Jeremy Allison <jra@samba.org>
Sat, 11 Mar 2000 01:02:45 +0000 (01:02 +0000)
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c

index b4aefe44c174245f41f79d6738e3392a093345f9..ef0b7fad9b1281d3797fbc349499357a08acc500 100644 (file)
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -2596,7 +2596,7 @@ uint32 _spoolss_startdocprinter( const POLICY_HND *handle, uint32 level,
         slprintf(tempname,sizeof(tempname)-1, "%s/smb_print.XXXXXX",lp_pathname(snum));  
         pstrcpy(fname, (char *)mktemp(tempname));
  
-       fd=open(fname, O_WRONLY|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR );
+       fd=open(fname, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL, S_IRUSR|S_IWUSR );
         DEBUG(4,("Temp spool file created: [%s]\n", fname));
  
         Printer->current_jobid=fd;
author	Jeremy Allison <jra@samba.org>
	Sat, 11 Mar 2000 01:02:45 +0000 (01:02 +0000)
committer	Jeremy Allison <jra@samba.org>
	Sat, 11 Mar 2000 01:02:45 +0000 (01:02 +0000)